3 matches found
SUSE CVE-2018-11779
In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class...
org.apache.storm:storm-kafka-client-examples (>=1.1.0 <=1.2.2), uk.co.gresearch.siembol:config-editor-sync (>=1.0.0 <=1.3.0) potentially affected by CVE-2018-11779 via org.apache.storm:storm-kafka-client (>=1.1.0 <=1.2.2)
org.apache.storm:storm-kafka-client MAVEN version =1.1.0, =1.1.0, =1.0.0, =1.3.0 Source cves: CVE-2018-11779 Source advisory: OSV:GHSA-25PC-85QF-6J69...
CVE-2018-11779
Technical details about CVE-2018-11779 are not provided in the supplied documents. Monitor for updates from official advisories.