| |
Vulnerability CVE-2022-23974
Published: 2022-04-05
| Description: |
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release 0.10.0 fixes this. See https://docs.pinot.apache.org/basics/releases/0.10.0 |
References: |
https://lists.apache.org/thread/3dk8pf1n02p8oj2j3czbtchyjsf8khwr
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
