com.hazelcast:hazelcast-enterprise

Maven3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.hazelcast:hazelcast-enterprisepage 1 of 1

CVE-2022-36437CRITICALCVSS 9.1EG 9.1✓ Fixed in 5.1.3
2022-12-29
The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are …
CVE-2023-33265HIGHCVSS 8.8EG 8.8✓ Fixed in 5.0.5
2023-07-18
In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, executor services don't check client permissions properly, allowing authenticated users to execute tasks on members without the required permissions granted.
CVE-2023-45860MEDIUMCVSS 6.5EG 6.5
2024-02-16
In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files…

Check whether com.hazelcast:hazelcast-enterprise is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.hazelcast:hazelcast-enterprise CVEs against the assets you own.

Start Free Scan →