Geode@1.12.0 Security Vulnerabilities and Issues — Geode@1.12.0 CVE List

Lucene search

ApacheGeode1.12.0

3 matches found

CVE•added 2020/02/24 10:15 p.m.•4065 views

CVE-2020-1938

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

9.8CVSS9.9AI score0.94469EPSS

CVE•added 2020/03/02 5:15 p.m.•205 views

CVE-2019-14892

A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.

9.8CVSS9.4AI score0.00873EPSS

CVE•added 2020/01/02 5:15 p.m.•68 views

CVE-2014-0048

An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.

9.8CVSS9.4AI score0.03322EPSS