org.apache.oozie:oozie-core@5.0.0-beta1 vulnerabilities
latest version
5.2.1
first published
10 years ago
latest version published
4 years ago
licenses detected
- [4.1.0,)
package registry
Direct Vulnerabilities
Known vulnerabilities in the org.apache.oozie:oozie-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Fix vulnerabilities automatically
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
org.apache.oozie:oozie-core is a system to define, manage, schedule, and execute complex Hadoop workloads via web services. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in an unspecified component. Note: This project is no longer actively maintained so no fix is expected. How to fix Cross-site Scripting (XSS)? There is no fixed version for | [0,) |
org.apache.oozie:oozie-core is a system to define, manage, schedule, and execute complex Hadoop workloads via web services. Affected versions of this package are vulnerable to User Impersonation. A malicious user could construct an XML that results in workflows running in another user's name. How to fix User Impersonation? Upgrade org.apache.oozie:oozie-core to version 5.0.1 or higher. | [3.1.3,5.0.1) |