Apache Software Foundation Bookkeeper 4.14.1

CPE Details

Apache Software Foundation Bookkeeper 4.14.1
apache
bookkeeper
4.14.1
2022-04-04
13h44 +00:00
2022-04-04
15h37 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:apache:bookkeeper:4.14.1:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

bookkeeper

Version

4.14.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-32531 2022-12-15 10h17 +00:00 The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 and 4.15.1.
5.9
Moyen
CVE-2019-17571 2019-12-20 15h01 +00:00 Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.
9.8
Critique