3 matches found
CVE-2026-2818
A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only. Mitigation Mitigation for this issue is either not available or...
CVE-2026-2818
A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only...
com.netflix.ndbench:ndbench-cli (>=0.3.12 <=0.7.4), com.netflix.ndbench:ndbench-geode-plugins (>=0.3.5 <=0.7.4) +35 more potentially affected by CVE-2026-2818 via org.springframework.data:spring-data-geode (>=1.0.0.INCUBATING-RELEASE <=2.7.5)
org.springframework.data:spring-data-geode MAVEN version =1.0.0.INCUBATING-RELEASE, =0.3.12, =0.3.5, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =3.0.0, =3.2.1...