| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2023-27522 |
444 |
|
|
2023-03-07 |
2023-03-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. |
|
2 |
CVE-2023-26464 |
502 |
|
DoS |
2023-03-10 |
2023-03-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie, deeply nested) hashmap or hashtable (depending on which logging component is in use) to be processed could exhaust the available memory in the virtual machine and achieve Denial of Service when the object is deserialized. This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j 2.x. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
3 |
CVE-2023-25956 |
209 |
|
|
2023-02-24 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1. |
|
4 |
CVE-2023-25696 |
20 |
|
|
2023-02-24 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3. |
|
5 |
CVE-2023-25695 |
209 |
|
|
2023-03-15 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Generation of Error Message Containing Sensitive Information vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.5.2. |
|
6 |
CVE-2023-25693 |
20 |
|
|
2023-02-24 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1. |
|
7 |
CVE-2023-25692 |
20 |
|
|
2023-02-24 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. |
|
8 |
CVE-2023-25691 |
20 |
|
|
2023-02-24 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. |
|
9 |
CVE-2023-25690 |
444 |
|
Bypass |
2023-03-07 |
2023-03-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server. |
|
10 |
CVE-2023-25621 |
|
|
|
2023-02-23 |
2023-03-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Privilege Escalation vulnerability in Apache Software Foundation Apache Sling. Any content author is able to create i18n dictionaries in the repository in a location the author has write access to. As these translations are used across the whole product, it allows an author to change any text or dialog in the product. For example an attacker might fool someone by changing the text on a delete button to "Info". This issue affects the i18n module of Apache Sling up to version 2.5.18. Version 2.6.2 and higher limit by default i18m dictionaries to certain paths in the repository (/libs and /apps). Users of the module are advised to update to version 2.6.2 or higher, check the configuration for resource loading and then adjust the access permissions for the configured path accordingly. |
|
11 |
CVE-2023-25613 |
74 |
|
|
2023-02-20 |
2023-03-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3. |
|
12 |
CVE-2023-25194 |
502 |
|
|
2023-02-07 |
2023-02-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A possible security vulnerability has been identified in Apache Kafka Connect. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka 2.3.0. When configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath. Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector client override policy that permits them. Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0. We advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally, in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot. |
|
13 |
CVE-2023-25141 |
74 |
|
|
2023-02-14 |
2023-02-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDNI and RMI. Users of Apache Sling JCR Base are recommended to upgrade to Apache Sling JCR Base 3.1.12 or later, or to run on a more recent JDK. |
|
14 |
CVE-2023-24998 |
770 |
|
|
2023-02-20 |
2023-03-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured. |
|
15 |
CVE-2023-24997 |
502 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to solve it. |
|
16 |
CVE-2023-24977 |
125 |
|
|
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it. |
|
17 |
CVE-2023-24830 |
287 |
|
|
2023-01-30 |
2023-03-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3. |
|
18 |
CVE-2023-24829 |
863 |
|
|
2023-01-31 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards. |
|
19 |
CVE-2023-23638 |
502 |
|
Exec Code |
2023-03-08 |
2023-03-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions. |
|
20 |
CVE-2023-22884 |
77 |
|
Sql |
2023-01-21 |
2023-01-31 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0. |
|
21 |
CVE-2023-22849 |
79 |
|
XSS |
2023-02-04 |
2023-02-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in multiple features. Upgrade to Apache Sling App CMS >= 1.1.6 |
|
22 |
CVE-2023-22832 |
611 |
|
|
2023-02-10 |
2023-02-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations and disallows XML External Entity resolution in the ExtractCCDAAttributes Processor. |
|
23 |
CVE-2022-47500 |
601 |
|
|
2022-12-19 |
2022-12-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue. |
|
24 |
CVE-2022-46870 |
79 |
|
XSS |
2022-12-16 |
2022-12-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Zeppelin allows logged-in users to execute arbitrary javascript in other users' browsers. This issue affects Apache Zeppelin before 0.8.2. Users are recommended to upgrade to a supported version of Zeppelin. |
|
25 |
CVE-2022-46769 |
79 |
|
XSS |
2023-01-09 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in the site group feature. Upgrade to Apache Sling App CMS >= 1.1.4 |
|
26 |
CVE-2022-46421 |
77 |
|
|
2022-12-20 |
2022-12-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0. |
|
27 |
CVE-2022-46366 |
502 |
|
Exec Code |
2022-12-02 |
2023-02-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies the the (also unsupported) 4.x version line. NOTE: This vulnerability only affects Apache Tapestry version line 3.x, which is no longer supported by the maintainer. Users are recommended to upgrade to a supported version line of Apache Tapestry. |
|
28 |
CVE-2022-46364 |
918 |
|
|
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. |
|
29 |
CVE-2022-46363 |
20 |
|
|
2022-12-13 |
2022-12-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured. |
|
30 |
CVE-2022-45935 |
319 |
|
|
2023-01-06 |
2023-01-18 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions. |
|
31 |
CVE-2022-45910 |
|
|
|
2022-12-07 |
2022-12-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper neutralization of special elements used in an LDAP query ('LDAP Injection') vulnerability in ActiveDirectory and Sharepoint ActiveDirectory authority connectors of Apache ManifoldCF allows an attacker to manipulate the LDAP search queries (DoS, additional queries, filter manipulation) during user lookup, if the username or the domain string are passed to the UserACLs servlet without validation. This issue affects Apache ManifoldCF version 2.23 and prior versions. |
|
32 |
CVE-2022-45875 |
20 |
|
Exec Code |
2023-01-04 |
2023-01-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior versions; version 3.1.0 and prior versions. |
|
33 |
CVE-2022-45787 |
312 |
|
|
2023-01-06 |
2023-01-18 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later. |
|
34 |
CVE-2022-45786 |
89 |
|
Exec Code Sql |
2023-02-04 |
2023-02-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition to the latest version of AGE that is used for PostgreSQL 11 or PostgreSQL 12. The update of AGE will add a new function to enable parameterization of the cypher() function, which, in conjunction with the driver updates, will resolve this issue. Background (for those who want more information): After thoroughly researching this issue, we found that due to the nature of the cypher() function, it was not easy to parameterize the values passed into it. This enabled SQL injections, if the developer of the driver wasn't careful. The developer of the Golang and Pyton drivers didn't fully utilize parameterization, likely because of this, thus enabling SQL injections. The obvious fix to this issue is to use parameterization in the drivers for all PG SQL queries. However, parameterizing all PG queries is complicated by the fact that the cypher() function call itself cannot be parameterized directly, as it isn't a real function. At least, not the parameters that would take the graph name and cypher query. The reason the cypher() function cannot have those values parameterized is because the function is a placeholder and never actually runs. The cypher() function node, created by PG in the query tree, is transformed and replaced with a query tree for the actual cypher query during the analyze phase. The problem is that parameters - that would be passed in and that the cypher() function transform needs to be resolved - are only resolved in the execution phase, which is much later. Since the transform of the cypher() function needs to know the graph name and cypher query prior to execution, they can't be passed as parameters. The fix that we are testing right now, and are proposing to use, is to create a function that will be called prior to the execution of the cypher() function transform. This new function will allow values to be passed as parameters for the graph name and cypher query. As this command will be executed prior to the cypher() function transform, its values will be resolved. These values can then be cached for the immediately following cypher() function transform to use. As added features, the cached values will store the calling session's pid, for validation. And, the cypher() function transform will clear this cached information after function invocation, regardless of whether it was used. This method will allow the parameterizing of the cypher() function indirectly and provide a way to lock out SQL injection attacks. |
|
35 |
CVE-2022-45470 |
20 |
|
XSS |
2022-11-21 |
2023-03-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPPORTED WHEN ASSIGNED **missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed. |
|
36 |
CVE-2022-45462 |
77 |
|
|
2022-11-23 |
2023-03-07 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Alarm instance management has command injection when there is a specific command configured. It is only for logged-in users. We recommend you upgrade to version 2.0.6 or higher |
|
37 |
CVE-2022-45438 |
668 |
|
|
2023-01-16 |
2023-01-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
When explicitly enabling the feature flag DASHBOARD_CACHE (disabled by default), the system allowed for an unauthenticated user to access dashboard configuration metadata using a REST API Get endpoint. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. |
|
38 |
CVE-2022-45402 |
601 |
|
|
2022-11-15 |
2022-11-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint. |
|
39 |
CVE-2022-45378 |
287 |
|
Exec Code |
2022-11-14 |
2023-03-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPPORTED WHEN ASSIGNED **In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the classpath that meet certain criteria. Depending on what classes are available on the classpath this might even lead to arbitrary remote code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
40 |
CVE-2022-45347 |
459 |
|
Exec Code |
2022-12-22 |
2022-12-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apache ShardingSphere 5.3.0. |
|
41 |
CVE-2022-45143 |
74 |
|
|
2023-01-03 |
2023-01-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output. |
|
42 |
CVE-2022-45136 |
502 |
|
|
2022-11-14 |
2022-11-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a result an application using Apache Jena SDB can be subject to RCE when connected to a malicious database server. Apache Jena SDB has been EOL since December 2020 and users should migrate to alternative options e.g. Apache Jena TDB 2. |
|
43 |
CVE-2022-45047 |
502 |
|
|
2022-11-16 |
2022-11-18 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. |
|
44 |
CVE-2022-45046 |
|
|
|
2022-12-05 |
2022-12-19 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. |
|
45 |
CVE-2022-44645 |
502 |
|
Exec Code |
2023-01-31 |
2023-02-07 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users to upgrade the version of Linkis to version 1.3.1. |
|
46 |
CVE-2022-44644 |
20 |
|
|
2023-01-31 |
2023-03-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1 |
|
47 |
CVE-2022-44635 |
22 |
|
Exec Code Dir. Trav. |
2022-11-29 |
2022-12-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Apache Fineract allowed an authenticated user to perform remote code execution due to a path traversal vulnerability in a file upload component of Apache Fineract, allowing an attacker to run remote code. This issue affects Apache Fineract version 1.8.0 and prior versions. We recommend users to upgrade to 1.8.1. |
|
48 |
CVE-2022-44621 |
77 |
|
|
2022-12-30 |
2023-01-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request. |
|
49 |
CVE-2022-43985 |
601 |
|
|
2022-11-02 |
2022-11-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's `/confirm` endpoint. |
|
50 |
CVE-2022-43982 |
79 |
|
XSS |
2022-11-02 |
2022-11-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. |
