MEDIUM🇬🇧 English

CVE-2023-51390

CVSS 6.5v3.1pub. 2023-12-21upd. 2024-11-21

journalpump is a daemon that takes log messages from journald and pumps them to a given output. A logging vulnerability was found in journalpump which logs out the configuration of a service integration in plaintext to the supplied logging pipeline, including credential information contained in the configuration if any. The problem has been patched in journalpump 2.5.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Aiven Journalpump

    APP
    Aiven
    < 2.5.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-55282CRITICAL9.1PL ✓ten sam vendor

Privilege escalation do superużytkownika PostgreSQL w aiven-db-migrate

CVE-2025-55283CRITICAL9.1PL ✓ten sam vendor

Privilege escalation do superuser w Aiven-Db-Migrate przez złośliwy dump PostgreSQL

CVE-2026-25999HIGH7.1ten sam vendor

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an impr...

CVE-2025-67745HIGH7.1ten sam vendor

MyHoard is a daemon for creating, managing and restoring MySQL backups. Starting in version 1.0.1 and prior to...

CVE-2023-32305HIGH8.8ten sam vendor

aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, ...