Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.kafka/kafka_2.12@2.6.1

Type maven

Namespace org.apache.kafka

Name kafka_2.12

Version 2.6.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 3.9.1

Latest_non_vulnerable_version 3.9.1

Affected_by_vulnerabilities

url VCID-bgcq-hezt-skgd

vulnerability_id VCID-bgcq-hezt-skgd

summary

Apache Kafka Deserialization of Untrusted Data vulnerability
A possible security vulnerability has been identified in Apache Kafka.
This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config
and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0).
When configuring the broker via config file or AlterConfig command, or connector via the Kafka Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`
property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the
`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.
This will allow the server to connect to the attacker's LDAP server
and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.
Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.

Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box
configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector
client override policy that permits them.

Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage
in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0.

We advise the Kafka users to validate connector configurations and only allow trusted LDAP configurations. Also examine connector dependencies for
vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,
in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector
client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27818.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27818.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27818

reference_id

reference_type

scores

value	0.00682
scoring_system	epss
scoring_elements	0.72068
published_at	2026-06-09T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.72072
published_at	2026-06-05T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.7208
published_at	2026-06-06T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.72057
published_at	2026-06-07T12:55:00Z

value	0.00682
scoring_system	epss
scoring_elements	0.72043
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27818

reference_url

https://github.com/apache/kafka

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka

reference_url

https://kafka.apache.org/cve-list

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T14:18:28Z/

url

https://kafka.apache.org/cve-list

reference_url

http://www.openwall.com/lists/oss-security/2025/06/09/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/06/09/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2371368
reference_id	2371368
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2371368

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-27818

reference_id

CVE-2025-27818

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-27818

reference_url

https://github.com/advisories/GHSA-76qp-h5mr-frr4

reference_id

GHSA-76qp-h5mr-frr4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-76qp-h5mr-frr4

fixed_packages

url	pkg:maven/org.apache.kafka/kafka_2.12@3.9.1
purl	pkg:maven/org.apache.kafka/kafka_2.12@3.9.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka_2.12@3.9.1

aliases CVE-2025-27818, GHSA-76qp-h5mr-frr4

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bgcq-hezt-skgd

url VCID-evar-9mrp-87c9

vulnerability_id VCID-evar-9mrp-87c9

summary

Apache Kafka Deserialization of Untrusted Data vulnerability
In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource.


Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in in Apache Kafka 3.9.1/4.0.0

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27819.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27819.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27819

reference_id

reference_type

scores

value	0.00897
scoring_system	epss
scoring_elements	0.76031
published_at	2026-06-09T12:55:00Z

value	0.00897
scoring_system	epss
scoring_elements	0.76027
published_at	2026-06-06T12:55:00Z

value	0.00897
scoring_system	epss
scoring_elements	0.76019
published_at	2026-06-07T12:55:00Z

value	0.00897
scoring_system	epss
scoring_elements	0.76006
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27819

reference_url

https://github.com/apache/kafka

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka

reference_url

https://kafka.apache.org/cve-list

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T14:18:03Z/

url

https://kafka.apache.org/cve-list

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2371365
reference_id	2371365
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2371365

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-27819

reference_id

CVE-2025-27819

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-27819

reference_url

https://github.com/advisories/GHSA-26f8-x7cc-wqpc

reference_id

GHSA-26f8-x7cc-wqpc

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-26f8-x7cc-wqpc

reference_url

https://github.com/advisories/GHSA-mcwh-c9pg-xw43

reference_id

GHSA-mcwh-c9pg-xw43

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mcwh-c9pg-xw43

fixed_packages

url pkg:maven/org.apache.kafka/kafka_2.12@3.4.0

purl pkg:maven/org.apache.kafka/kafka_2.12@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bgcq-hezt-skgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka_2.12@3.4.0

aliases CVE-2025-27819, GHSA-mcwh-c9pg-xw43

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-evar-9mrp-87c9

url VCID-ud4p-vwrf-cqfs

vulnerability_id VCID-ud4p-vwrf-cqfs

summary

Information Exposure Through Discrepancy
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38153.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38153.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38153

reference_id

reference_type

scores

value	0.0152
scoring_system	epss
scoring_elements	0.816
published_at	2026-06-06T12:55:00Z

value	0.0152
scoring_system	epss
scoring_elements	0.81607
published_at	2026-06-09T12:55:00Z

value	0.0152
scoring_system	epss
scoring_elements	0.81591
published_at	2026-06-08T12:55:00Z

value	0.0152
scoring_system	epss
scoring_elements	0.81599
published_at	2026-06-07T12:55:00Z

value	0.0152
scoring_system	epss
scoring_elements	0.81598
published_at	2026-06-05T12:55:00Z

value	0.01561
scoring_system	epss
scoring_elements	0.81815
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38153

reference_url

https://github.com/apache/kafka

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka

reference_url

https://kafka.apache.org/cve-list

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://kafka.apache.org/cve-list

reference_url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r35322aec467ddae34002690edaa4d9f16e7df9b5bf7164869b75b62c@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r35322aec467ddae34002690edaa4d9f16e7df9b5bf7164869b75b62c@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cusers.kafka.apache.org%3E

reference_url

https://support.confluent.io/hc/en-us/articles/4407632156692-CVE-2021-38153-Confluent-Platform-Vulnerability-Timing-attacks

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://support.confluent.io/hc/en-us/articles/4407632156692-CVE-2021-38153-Confluent-Platform-Vulnerability-Timing-attacks

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2009041
reference_id	2009041
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2009041

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-38153

reference_id

CVE-2021-38153

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-38153

reference_url

https://github.com/advisories/GHSA-3j6g-hxx5-3q26

reference_id

GHSA-3j6g-hxx5-3q26

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3j6g-hxx5-3q26

reference_url	https://access.redhat.com/errata/RHSA-2022:0138
reference_id	RHSA-2022:0138
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0138

reference_url	https://access.redhat.com/errata/RHSA-2022:0219
reference_id	RHSA-2022:0219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0219

reference_url	https://access.redhat.com/errata/RHSA-2022:0501
reference_id	RHSA-2022:0501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0501

reference_url	https://access.redhat.com/errata/RHSA-2022:0589
reference_id	RHSA-2022:0589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0589

reference_url	https://access.redhat.com/errata/RHSA-2022:0737
reference_id	RHSA-2022:0737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0737

reference_url	https://access.redhat.com/errata/RHSA-2022:2232
reference_id	RHSA-2022:2232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2232

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://access.redhat.com/errata/RHSA-2022:5606
reference_id	RHSA-2022:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5606

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

fixed_packages

url pkg:maven/org.apache.kafka/kafka_2.12@2.6.3

purl pkg:maven/org.apache.kafka/kafka_2.12@2.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bgcq-hezt-skgd

vulnerability	VCID-evar-9mrp-87c9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka_2.12@2.6.3

url pkg:maven/org.apache.kafka/kafka_2.12@2.7.2

purl pkg:maven/org.apache.kafka/kafka_2.12@2.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bgcq-hezt-skgd

vulnerability	VCID-evar-9mrp-87c9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka_2.12@2.7.2

url pkg:maven/org.apache.kafka/kafka_2.12@2.8.1

purl pkg:maven/org.apache.kafka/kafka_2.12@2.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bgcq-hezt-skgd

vulnerability	VCID-evar-9mrp-87c9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka_2.12@2.8.1

aliases CVE-2021-38153, GHSA-3j6g-hxx5-3q26

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ud4p-vwrf-cqfs

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka_2.12@2.6.1

Package Instance