A vulnerability was found in Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only). Reference: https://sphinxsearch.com/blog/ https://blog.wirhabenstil.de/2019/08/19/sphinxsearch-0-0-0-09306-cve-2019-14511/ http://sphinxsearch.com/docs/sphinx3.html#getting-started-on-linux-and-macos
Created sphinx tracking bugs for this issue: Affects: fedora-all [bug 1749190]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.