org.apache.kylin:kylin-server-base@2.2.0 vulnerabilities
-
latest version
4.0.4
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
4 months ago
-
licenses detected
- [1.5.3,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.kylin:kylin-server-base package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.apache.kylin:kylin-server-base is a distributed analytical engine designed to provide OLAP capability for big data. Affected versions of this package are vulnerable to Command Injection due to the How to fix Command Injection? Upgrade |
[2.0.0,4.0.3)
|
org.apache.kylin:kylin-server-base is a distributed analytical engine designed to provide OLAP capability for big data. Affected versions of this package are vulnerable to Remote Code Execution (RCE) in cube designer function when overwriting system parameters in the configuration overwrites menu. An attacker can exploit this vulnerability by closing the single quotation marks around the parameter value of How to fix Remote Code Execution (RCE)? Upgrade |
[2.0.0,4.0.2)
|
org.apache.kylin:kylin-server-base is a distributed analytical engine designed to provide OLAP capability for big data. Affected versions of this package are vulnerable to Improper Input Validation due to the possibility to receive user input and load any class through How to fix Improper Input Validation? Upgrade |
[4.0.0-alpha,4.0.1)
[,3.1.3)
|