Security Advisories

Documentation Cloud Services Solutions

Commvault Cloud Security Advisories

The following table lists security advisories for the Commvault software.

To report a new vulnerability, click here.

Advisory ID Synopsis CVEs Updated
CV_2024_04_1 Red Hat Enterprise Linux (RHEL) Malicious Injection Vulnerability CVE-2024-3094
CV_2024_01_1 Apache Struts 2 Vulnerability CVE-2023-50164
CV_2023_11_2 Heap Based Buffer Overflow Vulnerability in cURL CVE-2023-38545
CV_2023_11_1 Remote Code Execution Vulnerability in Apache ActiveMQ CVE-2023-46604
CV_2023_10_1 Libwebp Vulnerability CVE-2023-4863
CV_2023_05_1 Volt Typhoon Advisory
CV_2022_10_2 Remote Memory Corruption Vulnerability in OpenSSL CVE-2022-2274
CV_2022_10_1 Remote Code Execution Vulnerability in Apache Common Text CVE-2022-42889
CV_2022_04_1 Remote Code Execution Vulnerability in the Spring Framework CVE-2022-22963, CVE-2022-22965
CV_2022_01_1 Local Privilege Escalation Vulnerability in Polkit's pkexec Utility CVE-2021-4034
CV_2021_12_1 Vulnerability in Apache Log4j Logging Libraries Impacting Commvault Products CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-4104, CVE-2021-44832
CV_2021_08_1 Authentication Bypass Vulnerabilities on CVWebService Endpoint
CVE-2021-41303 Apache Shiro Spring Boot Improper Authentication
CVE-2022-22950 Spring Expression DoS Vulnerability
carbon_black Vulnerability with Carbon Black Software
ripplace Commvault Ransomware Protection Is Safe from RIPlace
mongodb Security Vulnerability With MongoDB Versions