CRITICAL9.8CVE-2022-37021Apache Geode vulnerable to Deserialization of Untrusted Data from 0, < 1.12.16
CRITICAL9.8CVE-2017-15692Apache Geode unsafe deserialization in TcpServer >= 1.0.0, < 1.4.0
HIGH8.8CVE-2022-37022Apache Geode versions deserialization of untrusted datawhen using JMX over RMI on Java 11 from 0, < 1.15.0
HIGH8.8Apache Geode vulnerable to Incorrect Authorization
>= 1.0.0, < 1.5.0
HIGH7.5Apache Geode information disclosure vulnerability
>= 1.1.0, < 1.1.1
HIGH7.5Apache Geode configuration request authorization vulnerability
>= 1.0.0, < 1.4.0
HIGH7.5Apache Geode unsafe deserialization of application objects
>= 1.0.0, < 1.4.0
HIGH7.5Apache Geode OQL method invocation vulnerability
>= 1.0.0, < 1.3.0
HIGH7.4Apache Geode SSL endpoint verification vulnerability
from 0, < 1.10.0
HIGH7.1Apache Geode gfsh authorization vulnerability
>= 1.0.0, < 1.3.0
MEDIUM6.5Apache Geode versions prior to 1.15.0 are vulnerable to a deserialization of untrusted data
from 0, < 1.15.0
MEDIUM6.5Apache Geode vulnerable to Exposure of Sensitive Information
>= 1.0.0, < 1.2.1
MEDIUM6.5Argument Injection in Apache Geode server
from 0, < 1.9.0
MEDIUM5.4Apache Geode vulnerable to Cross-Site Scripting
from 0, < 1.15.1
MEDIUM5.3Apache Geode OQL bind parameter vulnerability
>= 1.0.0, < 1.3.0
MEDIUM4.3Apache Geode gfsh query vulnerability
>= 1.0.0, < 1.2.1
—Insertion of Sensitive Information into Log File in Apache Geode
from 0, < 1.12.5