Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.kafka/kafka@2.8.2
Type maven
Namespace org.apache.kafka
Name kafka
Version 2.8.2
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version 3.0.2
Latest_non_vulnerable_version 3.9.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-fcsz-ec5x-3kgc
vulnerability_id VCID-fcsz-ec5x-3kgc
summary
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial of service.
Example scenarios:
- Kafka cluster without authentication: Any clients able to establish a network connection to a broker can trigger the issue.
- Kafka cluster with SASL authentication: Any clients able to establish a network connection to a broker, without the need for valid SASL credentials, can trigger the issue.
- Kafka cluster with TLS authentication: Only clients able to successfully authenticate via TLS can trigger the issue.
We advise the users to upgrade the Kafka installations to one of the 3.2.3, 3.1.2, 3.0.2, 2.8.2 versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34917.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34917.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34917
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.2191
published_at 2026-04-24T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.22051
published_at 2026-04-21T12:55:00Z
2
value 0.00073
scoring_system epss
scoring_elements 0.22204
published_at 2026-04-11T12:55:00Z
3
value 0.00073
scoring_system epss
scoring_elements 0.22097
published_at 2026-04-18T12:55:00Z
4
value 0.00073
scoring_system epss
scoring_elements 0.22104
published_at 2026-04-16T12:55:00Z
5
value 0.00073
scoring_system epss
scoring_elements 0.22217
published_at 2026-04-02T12:55:00Z
6
value 0.00073
scoring_system epss
scoring_elements 0.22164
published_at 2026-04-12T12:55:00Z
7
value 0.00073
scoring_system epss
scoring_elements 0.22265
published_at 2026-04-04T12:55:00Z
8
value 0.00073
scoring_system epss
scoring_elements 0.22048
published_at 2026-04-07T12:55:00Z
9
value 0.00073
scoring_system epss
scoring_elements 0.22129
published_at 2026-04-08T12:55:00Z
10
value 0.00073
scoring_system epss
scoring_elements 0.22183
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34917
2
reference_url https://github.com/apache/kafka/commit/14951a83e3fdead212156e5532359500d72f68bc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/kafka/commit/14951a83e3fdead212156e5532359500d72f68bc
3
reference_url https://github.com/apache/kafka/commit/2bfa24b2bd416e7b8c4a0c566b984c43904fdecb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/kafka/commit/2bfa24b2bd416e7b8c4a0c566b984c43904fdecb
4
reference_url https://github.com/apache/kafka/commit/aaceb6b79bfcb1d32874ccdbc8f3138d1c1c00fb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/kafka/commit/aaceb6b79bfcb1d32874ccdbc8f3138d1c1c00fb
5
reference_url https://github.com/apache/kafka/commit/c1295662768e64b4467e27c3d5158f95f2307657
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/kafka/commit/c1295662768e64b4467e27c3d5158f95f2307657
6
reference_url https://issues.apache.org/jira/browse/KAFKA-14063
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/KAFKA-14063
7
reference_url https://kafka.apache.org/cve-list
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-29T13:38:30Z/
url https://kafka.apache.org/cve-list
8
reference_url https://kafka.apache.org/cve-list#CVE-2022-34917
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kafka.apache.org/cve-list#CVE-2022-34917
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-34917
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-34917
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130018
reference_id 2130018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130018
11
reference_url https://github.com/advisories/GHSA-c9h3-c6qj-hh7q
reference_id GHSA-c9h3-c6qj-hh7q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c9h3-c6qj-hh7q
12
reference_url https://access.redhat.com/errata/RHSA-2022:6819
reference_id RHSA-2022:6819
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6819
fixed_packages
0
url pkg:maven/org.apache.kafka/kafka@2.8.2
purl pkg:maven/org.apache.kafka/kafka@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@2.8.2
1
url pkg:maven/org.apache.kafka/kafka@3.0.2
purl pkg:maven/org.apache.kafka/kafka@3.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@3.0.2
2
url pkg:maven/org.apache.kafka/kafka@3.1.2
purl pkg:maven/org.apache.kafka/kafka@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@3.1.2
3
url pkg:maven/org.apache.kafka/kafka@3.2.3
purl pkg:maven/org.apache.kafka/kafka@3.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@3.2.3
aliases CVE-2022-34917, GHSA-c9h3-c6qj-hh7q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcsz-ec5x-3kgc
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@2.8.2