pkg:maven/io.crate/crate
Type
maven
Namespace
io.crate
Name
crate
Known advisories, vulnerabilities and fixes for io.crate/crate package.
Moderate
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | = 5.6.0 >= 5.5.0, < 5.5.4 >= 5.4.0, < 5.4.8 < 5.3.9 |
CVE-2024-24565
|
MAVEN:GHSA-475G-VJ6C-XF96 | CrateDB database has an arbitrary file read vulnerability | moderate |
2024-01-30T20:57:16
(7 months ago) |
|
Fixed | = 5.6.1 = 5.5.4 = 5.4.8 = 5.3.9 |
CVE-2024-24565
|
MAVEN:GHSA-475G-VJ6C-XF96 | CrateDB database has an arbitrary file read vulnerability | moderate |
2024-01-30T20:57:16
(7 months ago) |
|
Affected | >= 5.5.0, < 5.5.2 >= 5.4.0, < 5.4.7 >= 5.3.0, < 5.3.8 < 5.2.11 <= 0.35.2 |
CVE-2023-51982
|
MAVEN:GHSA-7MGX-GVJW-M3W3 | CrateDB authentication bypass vulnerability | moderate |
2024-01-30T03:30:30
(7 months ago) |
|
Fixed | = 5.5.2 = 5.4.7 = 5.3.8 = 5.2.11 |
CVE-2023-51982
|
MAVEN:GHSA-7MGX-GVJW-M3W3 | CrateDB authentication bypass vulnerability | moderate |
2024-01-30T03:30:30
(7 months ago) |
|
Affected | < 5.7.2 |
CVE-2024-37309
|
MAVEN:GHSA-X268-QPG6-W9G2 | CrateDB has a Client initialized Session-Renegotiation DoS | moderate |
2024-06-13T19:39:06
(3 months ago) |
|
Fixed | = 5.7.2 |
CVE-2024-37309
|
MAVEN:GHSA-X268-QPG6-W9G2 | CrateDB has a Client initialized Session-Renegotiation DoS | moderate |
2024-06-13T19:39:06
(3 months ago) |