2 matches found
CVE-2020-29050
CVE-2020-29050 affects SphinxSearch in Sphinx Technologies Sphinx up to version 3.1.1, enabling directory traversal via the mysql client for CALL SNIPPETS and load_file with full pathnames (unrelated to CMUSphinx). The issue, often discussed with CVE-2019-14511, has been addressed in multiple Lin...
CVE-2019-14511
CVE-2019-14511 affects Sphinx Technologies Sphinx up to version 3.1.1. By default, the service has no authentication and listens on 0.0.0.0, exposing it to the Internet unless firewall rules or a reconfiguration restrict it to 127.0.0.1. This creates reliance on network controls for exposure. Rel...