org.apache.mesos:mesos@0.18.0-rc6 vulnerabilities
-
latest version
1.11.0
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
3 years ago
-
licenses detected
- [0.9.0-incubating,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.mesos:mesos package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.mesos:mesos is a The Apache Mesos Java API jar. Affected versions of this package are vulnerable to Improper Data Handling. When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev might crash because the code accidentally calls inappropriate function. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. How to fix Improper Data Handling? Upgrade |
[,1.1.3-rc1)
[1.2.0,1.2.2-rc1)
[1.3.0,1.3.1-rc1)
|
org.apache.mesos:mesos is a The Apache Mesos Java API jar. Affected versions of this package are vulnerable to Improper Data Handling. When handling a libprocess message wrapped in an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev crashes if the request path is empty, because the parser assumes the request path always starts with '/'. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. How to fix Improper Data Handling? Upgrade |
[,1.1.3-rc1)
[1.2.0,1.2.2-rc1)
[1.3.0,1.3.1-rc1)
|
org.apache.mesos:mesos is a The Apache Mesos Java API jar. Affected versions of this package are vulnerable to Out-of-bounds. When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. How to fix Out-of-bounds? Upgrade |
[1.7.0,1.7.1)
[1.6.0,1.6.2)
[1.5.0,1.5.2)
[,1.4.3)
|