[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2022-45470: Apache Hama allows XSS and information disclosure
From: Arnout Engelen <engelen () apache ! org>
Date: 2022-11-21 9:31:56
Message-ID: 84f5841b-254c-a670-c0b2-74cd3780d0ed () apache ! org
[Download RAW message or body]
Description:
** UNSUPPORTED WHEN ASSIGNED ** missing input validation in Apache Hama may=
cause information disclosure through path traversal and XSS. Since Apache =
Hama is EOL, we do not expect these issues to be fixed.
Credit:
Apache would like to thank QSec-Team for reporting this issue
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic