Vulnerabilities > Apache > Geode > 1.12.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-34870 | Cross-site Scripting vulnerability in Apache Geode Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries. | 5.4 |
| 2022-08-31 | CVE-2022-37023 | Deserialization of Untrusted Data vulnerability in Apache Geode Apache Geode versions prior to 1.15.0 are vulnerable to a deserialization of untrusted data flaw when using REST API on Java 8 or Java 11. | 6.5 |