Количество 2
Количество 2
CVE-2022-43396
около 3 лет назад
In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf.
CVSS3: 8.8
EPSS: Низкий
GHSA-f5q9-j9r2-34gq
около 3 лет назад
Apache Kylin vulnerable to Command injection by Useless configuration
CVSS3: 8.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-43396 In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf. | CVSS3: 8.8 | 0% Низкий | около 3 лет назад |
| GHSA-f5q9-j9r2-34gq Apache Kylin vulnerable to Command injection by Useless configuration | CVSS3: 8.8 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу
20