Vulnerabilities > Apache > Storm > 2.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-23 | CVE-2023-43123 | Unspecified vulnerability in Apache Storm On unix-like systems, the temporary directory is shared between all user. | 5.5 |
2021-10-25 | CVE-2021-38294 | OS Command Injection vulnerability in Apache Storm A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. | 9.8 |
2021-10-25 | CVE-2021-40865 | Deserialization of Untrusted Data vulnerability in Apache Storm An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). | 9.8 |