1 results (0.001 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor. • https://akka.io/security/alpakka-kafka-cve-2023-29471.html https://github.com/akka/alpakka-kafka/issues/1592 • CWE-312: Cleartext Storage of Sensitive Information •