3 matches found
com.accelerate-experience:storm-metrics-statsd (>=1.0.0 <=1.0.1), com.accelerate-experience:storm-rabbitmq (=1.0.0) +90 more potentially affected by CVE-2018-1331 via org.apache.storm:storm-core (>=0.9.3 <=1.1.2)
org.apache.storm:storm-core MAVEN version =0.9.3, =1.0.0, =0.1.0, =1.0, =1.0, =1.0, =1.3, =1.0, =1.0, =1.0, =1.0.0, =0.3.4, =0.4.1 - com.github.ptgoetz:flux =0.1.0 and more Source cves: CVE-2018-1331 Source advisory: OSV:GHSA-P8JX-X2VW-WM33...
CVE-2018-1331
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user...
CVE-2018-1331
The provided connected documents confirm CVE-2018-1331 affects Apache Storm versions: 0.10.0–0.10.2, 1.0.0–1.0.6, 1.1.0–1.1.2, and 1.2.0–1.2.1. The vulnerability allows an attacker with access to a secure Storm cluster to execute arbitrary code as a different user. The available sources describe ...