Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.kafka/kafka-clients@0.10.1.1
purl pkg:maven/org.apache.kafka/kafka-clients@0.10.1.1
Next non-vulnerable version 0.10.2.2
Latest non-vulnerable version 4.1.2
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-fted-1y3h-tye2
Aliases:
CVE-2017-12610
GHSA-xm78-4m3g-7wm7
In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka.
0.10.2.2
Affected by 0 other vulnerabilities.
0.11.0.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:47:41.695504+00:00 GitLab Importer Affected by VCID-fted-1y3h-tye2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.kafka/kafka-clients/CVE-2017-12610.yml 38.4.0
2026-04-11T23:03:32.579139+00:00 GitLab Importer Affected by VCID-fted-1y3h-tye2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.kafka/kafka-clients/CVE-2017-12610.yml 38.3.0
2026-04-02T23:11:54.867571+00:00 GitLab Importer Affected by VCID-fted-1y3h-tye2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.kafka/kafka-clients/CVE-2017-12610.yml 38.1.0
2026-04-01T17:31:49.207376+00:00 GitLab Importer Affected by VCID-fted-1y3h-tye2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.kafka/kafka-clients/CVE-2017-12610.yml 38.0.0