Sentry
by Apache
Source repositories
- https://github.com/apache/sentryarchived
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-0760 | Hig | 0.57 | 8.8 | 0.01 | Aug 19, 2016 | Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions. | ||
| CVE-2020-8887 | 0.00 | — | 0.01 | Sep 22, 2020 | Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page). | |||
| CVE-2014-1409 | 0.00 | — | 0.00 | Jan 8, 2020 | MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords |
- risk 0.57cvss 8.8epss 0.01
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions.
- CVE-2020-8887Sep 22, 2020risk 0.00cvss —epss 0.01
Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page).
- CVE-2014-1409Jan 8, 2020risk 0.00cvss —epss 0.00
MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords