High
CVE-2022-37023 CVSS:9.8
Apache Geode could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using REST API on Java 8 or Java 11. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-37022 CVSS:9.8
Apache Geode could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using JMX over RMI on Java 11. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-37021 CVSS:9.8
Apache Geode could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using JMX over RMI on Java 8. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Apache
Upgrade to the latest version of Apache Geode, available from the Apache Website.