2 matches found
com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=0.10 <=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=0.10 <=6.0.2) +71 more potentially affected by CVE-2017-15696 via org.apache.geode:geode-core (>=1.10.0 <=1.3.0)
org.apache.geode:geode-core MAVEN version =1.10.0, =0.10, =0.10, =2.0.0, =0.1.9, =2.4.0, =1.16.0, =1.14.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.15.4 and more Source cves: CVE-2017-15696 Source advisory: OSV:GHSA-G569-49WG-JX5F...
CVE-2017-15696
The CVE-2017-15696 entry affects Apache Geode before v1.4.0. In secure mode, the Geode configuration service fails to properly authorize configuration requests, allowing an unprivileged user with access to a Geode locator to extract configuration data and previously deployed application code. Con...