Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.7 views

CVE-2021-34797

Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix "sysprop-", "javax.net.ssl", or "security-". This iss...

7.5CVSS6.3AI score0.02894EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/01/06 10:23 p.m.4 views

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=2.0.0 <=2.0.1), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.0 <=2.0.1) +51 more potentially affected by CVE-2021-34797 via org.apache.geode:geode-core (>=1.0.0-incubating <=1.12.4)

org.apache.geode:geode-core MAVEN version =1.0.0-incubating, =2.0.0, =2.0.0, =2.0.0, =0.3.12, =0.3.5, =2.4.0, =1.22.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.0.0-incubating, =1.12.4 and more Source cves: CVE-2021-34797 Source advisory: OSV:GHSA-MW25-F5R2-HPC6...

7.5CVSS7.1AI score0.02894EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/01/06 10:23 p.m.5 views

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.2 <=3.0.4) +41 more potentially affected by CVE-2021-34797 via org.apache.geode:geode-core (>=1.13.0 <=1.13.4)

org.apache.geode:geode-core MAVEN version =1.13.0, =2.0.2, =2.0.2, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.2, =1.13.2, =1.13.2, =1.13.0, =1.13.0, =1.13.4 and more Source cves: CVE-2021-34797 Source advisory: OSV:GHSA-MW25-F5R2-HPC6...

7.5CVSS7.1AI score0.02894EPSS
Exploits0
CVE
CVE
added 2022/01/04 8:55 a.m.82 views

CVE-2021-34797

CVE-2021-34797 affects Apache Geode up to 1.12.4 and 1.13.4, where log file redaction mishandles values starting with non-alphanumeric characters for passwords and security properties prefixed with “sysprop-”, “javax.net.ssl”, or “security-”. This could lead to sensitive information being written...

7.5CVSS7.2AI score0.02894EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/01/04 8:55 a.m.34 views

CVE-2021-34797 Apache Geode project log file redaction of sensitive information vulnerability

Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix "sysprop-", "javax.net.ssl", or "security-". This iss...

7.4AI score0.02894EPSS
Exploits0References2
Rows per page
Query Builder