VulnerableCode Package Details - pkg:maven/org.apache.kafka/kafka@0.9.0.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.kafka/kafka@0.9.0.0

Essentials
History (1)

purl	pkg:maven/org.apache.kafka/kafka@0.9.0.0

Next non-vulnerable version	0.10.2.2
Latest non-vulnerable version	3.9.1
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-ydc4-by57-bkbm Aliases: CVE-2018-1288 GHSA-gh27-38p5-mrxc	Information Exposure In Apache Kafka authenticated users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.	0.10.2.2 Affected by 0 other vulnerabilities. 0.11.0.3 Affected by 0 other vulnerabilities. 1.0.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-ydc4-by57-bkbm
Aliases:
CVE-2018-1288
GHSA-gh27-38p5-mrxc

Information Exposure In Apache Kafka authenticated users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.

0.10.2.2
Affected by 0 other vulnerabilities.

0.11.0.3
Affected by 0 other vulnerabilities.

1.0.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T16:00:51.067263+00:00	GHSA Importer	Affected by	VCID-ydc4-by57-bkbm	https://github.com/advisories/GHSA-gh27-38p5-mrxc	38.0.0