Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apache Subscribe
Filtered by product Oozie
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-35451 1 Apache 1 Oozie 2021-03-12 1.9 LOW 4.7 MEDIUM
There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.
CVE-2018-11799 1 Apache 1 Oozie 2019-02-06 4.0 MEDIUM 6.5 MEDIUM
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.
CVE-2017-15712 1 Apache 1 Oozie 2018-03-16 6.8 MEDIUM 6.5 MEDIUM
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration that reference sensitive files on the Oozie server host.