Vulnerabilities > Aerospike > Aerospike Server

DATE CVE VULNERABILITY TITLE RISK
2020-08-05 CVE-2020-13151 OS Command Injection vulnerability in Aerospike Server
Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query.
network
low complexity
aerospike CWE-78
critical
9.8