Lucene search
MitreCVELIST:CVE-2019-14511HistoryAug 22, 2019 - 12:26 p.m.
CVE-2019-14511
2019-08-2212:26:41
mitre
www.cve.org
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
References
sphinxsearch.com/docs/sphinx3.html#getting-started-on-linux-and-macos
blog.wirhabenstil.de/2019/08/19/sphinxsearch-0-0-0-09306-cve-2019-14511/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FPPNZZMWTZOMFGFETMET6YKIH2DQDKS/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XD25JJJVM7FFXAO2L3ZG2KXQ6UMFBIA4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YSLPW44RWIGHU5AG3P4U2HPSD3UBG4GJ/
sphinxsearch.com/blog/
Related
openvas
openvas
Fedora Update for sphinx FEDORA-2019-9231a18768
2019-09-15 00:00:00
Fedora Update for sphinx FEDORA-2019-1f604fd2f2
2020-01-09 00:00:00
Mageia: Security Advisory (MGASA-2020-0087)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2019-14511
2019-08-22 00:00:00
CVE-2020-29050
2022-01-10 00:00:00
prion
prion
Authentication flaw
2019-08-22 13:15:00
Directory traversal
2022-01-10 14:10:00
veracode
veracode
Information Disclosure
2021-12-14 15:58:38
nessus
nessus
Fedora 31 : sphinx (2019-1f604fd2f2)
2019-10-07 00:00:00
Fedora 29 : sphinx (2019-bdadf4c6f5)
2019-09-16 00:00:00
Fedora 30 : sphinx (2019-9231a18768)
2019-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: sphinx-2.2.11-12.fc30
2019-09-14 01:13:34
[SECURITY] Fedora 29 Update: sphinx-2.2.11-12.fc29
2019-09-14 01:54:57
[SECURITY] Fedora 31 Update: sphinx-2.2.11-13.fc31
2019-09-30 00:03:10
mageia
mageia
Updated sphinx packages fix security vulnerability
2020-02-18 17:05:53
nvd
nvd
CVE-2019-14511
2019-08-22 13:15:12
CVE-2020-29050
2022-01-10 14:10:16
cve
cve
CVE-2019-14511
2019-08-22 13:15:12
CVE-2020-29050
2022-01-10 14:10:16
debiancve
debiancve
CVE-2019-14511
2019-08-22 13:15:12
CVE-2020-29050
2022-01-10 14:10:16
alpinelinux
alpinelinux
CVE-2020-29050
2022-01-10 14:10:16
suse
suse
Security update for sphinx (moderate)
2022-03-01 00:00:00
Security update for sphinx (moderate)
2022-02-21 00:00:00
cvelist
cvelist
CVE-2020-29050
2022-01-07 06:02:39