io.crate:crate

Maven3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting io.crate:cratepage 1 of 1

CVE-2023-51982CRITICALCVSS 9.8EG 9.8✓ Fixed in 5.5.2
2024-01-30
CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP r…
CVE-2024-24565MEDIUMCVSS 5.7EG 9.0✓ Fixed in 5.6.1
2024-01-30
vulnerable: 5.6.0
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This functio…
CVE-2024-37309MEDIUMCVSS 5.3EG 5.3✓ Fixed in 5.7.2
2024-06-13
CrateDB is a distributed SQL database. A high-risk vulnerability has been identified in versions prior to 5.7.2 where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this featu…

Check whether io.crate:crate is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for io.crate:crate CVEs against the assets you own.

Start Free Scan →