pkg:maven/org.apache.geode/geode-core
Type
maven
Namespace
org.apache.geode
Name
geode-core
Known advisories, vulnerabilities and fixes for org.apache.geode/geode-core package.
Critical
2
High
9
Moderate
6
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | = 1.1.0 |
CVE-2017-5649
|
MAVEN:GHSA-2GW6-73WC-X88F | Apache Geode information disclosure vulnerability | high |
2022-05-17T02:50:39
(2 years ago) |
|
Fixed | = 1.1.1 |
CVE-2017-5649
|
MAVEN:GHSA-2GW6-73WC-X88F | Apache Geode information disclosure vulnerability | high |
2022-05-17T02:50:39
(2 years ago) |
|
Affected | < 1.15.1 |
CVE-2022-34870
|
MAVEN:GHSA-373R-9MG8-3JC4 | Apache Geode vulnerable to Cross-Site Scripting | moderate |
2022-10-25T19:00:27
(23 months ago) |
|
Fixed | = 1.15.1 |
CVE-2022-34870
|
MAVEN:GHSA-373R-9MG8-3JC4 | Apache Geode vulnerable to Cross-Site Scripting | moderate |
2022-10-25T19:00:27
(23 months ago) |
|
Affected | >= 1.0.0, < 1.2.1 |
CVE-2017-9794
|
MAVEN:GHSA-37M3-QP37-X3C6 | Apache Geode gfsh query vulnerability | moderate |
2022-05-17T00:34:39
(2 years ago) |
|
Fixed | = 1.2.1 |
CVE-2017-9794
|
MAVEN:GHSA-37M3-QP37-X3C6 | Apache Geode gfsh query vulnerability | moderate |
2022-05-17T00:34:39
(2 years ago) |
|
Affected | >= 1.0.0, < 1.3.0 |
CVE-2017-9795
|
MAVEN:GHSA-6M68-3W55-6MX4 | Apache Geode OQL method invocation vulnerability | high |
2022-05-14T00:57:16
(2 years ago) |
|
Fixed | = 1.3.0 |
CVE-2017-9795
|
MAVEN:GHSA-6M68-3W55-6MX4 | Apache Geode OQL method invocation vulnerability | high |
2022-05-14T00:57:16
(2 years ago) |
|
Affected | < 1.15.0 |
CVE-2022-37023
|
MAVEN:GHSA-72X9-48MC-PHH6 | Apache Geode versions prior to 1.15.0 are vulnerable to a deserialization of untrusted data | moderate |
2022-09-01T00:00:26
(2 years ago) |
|
Fixed | = 1.15.0 |
CVE-2022-37023
|
MAVEN:GHSA-72X9-48MC-PHH6 | Apache Geode versions prior to 1.15.0 are vulnerable to a deserialization of untrusted data | moderate |
2022-09-01T00:00:26
(2 years ago) |
|
Affected | >= 1.0.0, < 1.4.0 |
CVE-2017-15693
|
MAVEN:GHSA-95M2-P98F-24R5 | Apache Geode unsafe deserialization of application objects | high |
2022-05-14T03:35:52
(2 years ago) |
|
Fixed | = 1.4.0 |
CVE-2017-15693
|
MAVEN:GHSA-95M2-P98F-24R5 | Apache Geode unsafe deserialization of application objects | high |
2022-05-14T03:35:52
(2 years ago) |
|
Affected | >= 1.0.0, < 1.4.0 |
CVE-2017-15696
|
MAVEN:GHSA-G569-49WG-JX5F | Apache Geode configuration request authorization vulnerability | high |
2022-05-14T03:37:08
(2 years ago) |
|
Fixed | = 1.4.0 |
CVE-2017-15696
|
MAVEN:GHSA-G569-49WG-JX5F | Apache Geode configuration request authorization vulnerability | high |
2022-05-14T03:37:08
(2 years ago) |
|
Affected | >= 1.0.0, < 1.3.0 |
CVE-2017-12622
|
MAVEN:GHSA-H22R-H77W-2G5F | Apache Geode gfsh authorization vulnerability | high |
2022-05-14T03:47:21
(2 years ago) |
|
Fixed | = 1.3.0 |
CVE-2017-12622
|
MAVEN:GHSA-H22R-H77W-2G5F | Apache Geode gfsh authorization vulnerability | high |
2022-05-14T03:47:21
(2 years ago) |
|
Affected | >= 1.0.0, < 1.5.0 |
CVE-2017-15695
|
MAVEN:GHSA-JMG4-X4VP-6C6X | Apache Geode vulnerable to Incorrect Authorization | high |
2022-05-13T01:18:20
(2 years ago) |
|
Fixed | = 1.5.0 |
CVE-2017-15695
|
MAVEN:GHSA-JMG4-X4VP-6C6X | Apache Geode vulnerable to Incorrect Authorization | high |
2022-05-13T01:18:20
(2 years ago) |
|
Affected | >= 1.13.0, < 1.13.5 < 1.12.5 |
CVE-2021-34797
|
MAVEN:GHSA-MW25-F5R2-HPC6 | Insertion of Sensitive Information into Log File in Apache Geode | high |
2022-01-06T22:23:25
(2 years ago) |
|
Fixed | = 1.13.5 = 1.12.5 |
CVE-2021-34797
|
MAVEN:GHSA-MW25-F5R2-HPC6 | Insertion of Sensitive Information into Log File in Apache Geode | high |
2022-01-06T22:23:25
(2 years ago) |
|
Affected | < 1.9.0 |
CVE-2017-15694
|
MAVEN:GHSA-P426-QW2P-V95V | Argument Injection in Apache Geode server | moderate |
2019-06-26T01:09:35
(5 years ago) |
|
Fixed | = 1.9.0 |
CVE-2017-15694
|
MAVEN:GHSA-P426-QW2P-V95V | Argument Injection in Apache Geode server | moderate |
2019-06-26T01:09:35
(5 years ago) |
|
Affected | >= 1.14.0, < 1.14.1 >= 1.13.0, < 1.13.5 < 1.12.16 |
CVE-2022-37021
|
MAVEN:GHSA-Q4Q3-R45F-7GWG | Apache Geode vulnerable to Deserialization of Untrusted Data | critical |
2022-09-01T00:00:26
(2 years ago) |
|
Fixed | = 1.14.1 = 1.13.5 = 1.12.16 |
CVE-2022-37021
|
MAVEN:GHSA-Q4Q3-R45F-7GWG | Apache Geode vulnerable to Deserialization of Untrusted Data | critical |
2022-09-01T00:00:26
(2 years ago) |
|
Affected | >= 1.0.0, < 1.3.0 |
CVE-2017-9796
|
MAVEN:GHSA-Q7CP-R6CJ-HPF5 | Apache Geode OQL bind parameter vulnerability | moderate |
2022-05-14T03:46:41
(2 years ago) |
|
Fixed | = 1.3.0 |
CVE-2017-9796
|
MAVEN:GHSA-Q7CP-R6CJ-HPF5 | Apache Geode OQL bind parameter vulnerability | moderate |
2022-05-14T03:46:41
(2 years ago) |
|
Affected | < 1.15.0 |
CVE-2022-37022
|
MAVEN:GHSA-QF8G-VPWP-6579 | Apache Geode versions deserialization of untrusted datawhen using JMX over RMI on Java 11 | high |
2022-09-01T00:00:26
(2 years ago) |
|
Fixed | = 1.15.0 |
CVE-2022-37022
|
MAVEN:GHSA-QF8G-VPWP-6579 | Apache Geode versions deserialization of untrusted datawhen using JMX over RMI on Java 11 | high |
2022-09-01T00:00:26
(2 years ago) |
|
Affected | >= 1.0.0, < 1.2.1 |
CVE-2017-9797
|
MAVEN:GHSA-VH98-FQFC-4HJ3 | Apache Geode vulnerable to Exposure of Sensitive Information | moderate |
2022-05-13T01:48:08
(2 years ago) |
|
Fixed | = 1.2.1 |
CVE-2017-9797
|
MAVEN:GHSA-VH98-FQFC-4HJ3 | Apache Geode vulnerable to Exposure of Sensitive Information | moderate |
2022-05-13T01:48:08
(2 years ago) |
|
Affected | >= 1.0.0, < 1.4.0 |
CVE-2017-15692
|
MAVEN:GHSA-W395-HPQ9-7XWR | Apache Geode unsafe deserialization in TcpServer | critical |
2022-05-14T03:35:52
(2 years ago) |
|
Fixed | = 1.4.0 |
CVE-2017-15692
|
MAVEN:GHSA-W395-HPQ9-7XWR | Apache Geode unsafe deserialization in TcpServer | critical |
2022-05-14T03:35:52
(2 years ago) |
|
Affected | < 1.10.0 |
CVE-2019-10091
|
MAVEN:GHSA-WC4X-4GM2-74J8 | Apache Geode SSL endpoint verification vulnerability | high |
2022-02-10T20:51:04
(2 years ago) |
|
Fixed | = 1.10.0 |
CVE-2019-10091
|
MAVEN:GHSA-WC4X-4GM2-74J8 | Apache Geode SSL endpoint verification vulnerability | high |
2022-02-10T20:51:04
(2 years ago) |