Vulnerabilities for Oozie (...) - CXSECURITY.COM

Vulnerabilities for 'Oozie'

2021-03-09

CVE-2020-35451

CWE-362

There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.

2018-12-19

CVE-2018-11799

CWE-20

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.

2018-02-19

CVE-2017-15712

CWE-22

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration that reference sensitive files on the Oozie server host.

>>> Vendor: Apache 247 Products

Mod auth radius

Coyote http connector

Open for business project

Tomcat jk web server connector

Myfaces tomahawk

Apache webserver

Apache http server

Portable runtime

Apache commons daemon

Http server2.0a1

Http server2.0a2

Http server2.0a3

Http server2.0a4

Http server2.0a5

Http server2.0a6

Http server2.0a7

Http server2.0a8

Http server2.0a9

Commons-compress

Org.apache.sling.servlets.post

Commons-httpclient

Commons fileupload

Struts2-showcase

Xml security for c++

Xml security for java

Sling auth core component

Httpasyncclient

Mod auth mellon

Santuario xml security for java

Standard taglibs

See all Products for Vendor Apache

Copyright 2024, cxsecurity.com