pkg:Bitnami/cassandra

9 total CVEs: CRITICAL 1, HIGH 4, MEDIUM 4

All known vulnerabilities

  • CRITICAL 9.1 CVE-2021-44521: Remote code execution for scripted UDFs
    >= 3.0.0, < 3.0.26, >= 3.11.0, < 3.11.12, >= 4.0.0, < 4.0.2
  • HIGH 8.8 CVE-2025-26467: Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions (4.0.16 only)
    >= 4.0.16, < 4.0.17
  • HIGH 8.8 CVE-2025-23015: Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions
    >= 3.0.0, < 3.0.31, >= 3.1.0, < 3.11.18, >= 4.0.0, < 4.0.16, >= 4.1.0, < 4.1.8, >= 5.0.0, < 5.0.3
  • HIGH 7.8 CVE-2023-30601: Apache Cassandra: Privilege escalation when enabling FQL/Audit logs
    >= 4.0.0, < 4.0.10, >= 4.1.0, < 4.1.2
  • HIGH 7.5 CVE-2020-17516: Authentication Bypass in Apache Cassandra
    >= 2.1.0, < 2.1.23, >= 2.2.0, < 2.2.20, >= 3.0.0, < 3.0.24, >= 3.11.0, < 3.11.10
  • MEDIUM 5.9 CVE-2024-27137: Apache Cassandra: unrestricted deserialization of JMX authentication credentials
    >= 4.0.2, < 4.0.15, >= 4.1.0, < 4.1.8, >= 5.0.0, < 5.0.3
  • MEDIUM 5.9 CVE-2020-13946: Man-in-the-middle attack in Apache Cassandra
    from 0, < 2.1.22, >= 2.2.0, < 2.2.18, >= 3.0.0, < 3.0.22, >= 3.11.0, < 3.11.8
  • MEDIUM 5.5 CVE-2026-27315: Apache Cassandra: cqlsh history sensitive information leak
    >= 4.0.0, < 4.0.20
  • MEDIUM 5.4 CVE-2025-24860: Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions
    >= 4.0.0, < 4.0.16, >= 4.1.0, < 4.1.8, >= 5.0.0, < 5.0.3