Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2018/10/16 5:35 p.m.9 views

org.apache.storm:flux-core (>=1.1.0 <=1.1.2), org.apache.storm:storm-elasticsearch-examples (>=1.1.0 <=1.1.2) +14 more potentially affected by CVE-2018-8008 via org.apache.storm:storm-core (>=1.1.0 <=1.1.2)

org.apache.storm:storm-core MAVEN version =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.2 and more Source cves: CVE-2018-8008 Source advisory: OSV:GHSA-898J-5CC8-CMF5...

5.8CVSS6.4AI score0.02361EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2018/06/06 12:0 a.m.22 views

ZIP Slip Arbitrary File Overwrite Remote Code Execution (CVE-2018-1002200; CVE-2018-1002201; CVE-2018-1002203; CVE-2018-1002204; CVE-2018-1002205; CVE-2018-1002206; CVE-2018-1002207; CVE-2018-1261; CVE-2018-8008; CVE-2018-8009; CVE-2021-43555)

A file overwrite vulnerability exist in archive formats. To trigger this issue, an attacker may create a malicious archive that will exploit this vulnerability. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the vulnerable system and...

6.8CVSS4.4AI score0.37986EPSS
Exploits7
NVD
NVD
added 2018/06/05 7:29 p.m.19 views

CVE-2018-8008

Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar, xz, war, cpio, 7z, that holds path traversal filenames. So...

5.8CVSS5.6AI score0.02361EPSS
Exploits0References2
CVE
CVE
added 2018/06/05 7:0 p.m.83 views

CVE-2018-8008

CVE-2018-8008 affects Apache Storm up to 1.0.6, 1.2.1, and 1.1.2, enabling arbitrary file write via specially crafted archives with path traversal filenames that extract outside the target directory. Connected advisories corroborate a ZipSlip-style flaw across multiple Storm releases. Remediation...

5.8CVSS5.8AI score0.02361EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2018/05/04 7:17 p.m.7 views

com.accelerate-experience:storm-metrics-statsd (>=1.0.0 <=1.0.1), com.accelerate-experience:storm-rabbitmq (=1.0.0) +85 more potentially affected by CVE-2018-8008 via org.apache.storm:storm-core (>=1.0.0 <=1.1.2)

org.apache.storm:storm-core MAVEN version =1.0.0, =1.0.0, =0.1.0, =1.0, =1.0, =1.0, =1.3, =1.0, =1.0, =1.0, =1.0.0, =1.0.4 - com.github.ptgoetz:storm-jms =1.0.2 - com.github.ptgoetz:storm-signals =1.0.3 and more Source cves: CVE-2018-8008 Source advisory: SNYK:JAVA-ORGAPACHESTORM-32346...

5.8CVSS6.4AI score0.02361EPSS
Exploits0
Rows per page
Query Builder