Lucene search
China National Vulnerability DatabaseCNVD-2022-02487HistoryJan 10, 2022 - 12:00 a.m.
Apache Kylin Input Validation Error Vulnerability
2022-01-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.004 Low
EPSS
Percentile
72.7%
Apache Kylin is an open source distributed analytic data warehouse from the Apache Foundation. The product mainly provides SQL query interface on top of Hadoop/Spark and multi-dimensional analysis (OLAP) and other functions. Apache kylin has an input validation error vulnerability, which stems from the fact that Kylin can take user input and load any class via class . forname(…) to load any class. No details of the vulnerability are available.
Related
osv
osv
CVE-2021-31522
2022-01-06 13:15:08
Kylin can receive user input and load any class through Class.forName(...).
2022-01-08 00:43:01
cvelist
cvelist
CVE-2021-31522 Apache Kylin unsafe class loading
2022-01-06 12:35:18
nvd
nvd
CVE-2021-31522
2022-01-06 13:15:08
cve
cve
CVE-2021-31522
2022-01-06 13:15:08
prion
prion
Design/Logic Flaw
2022-01-06 13:15:00
veracode
veracode
Privilege Escalation
2022-01-07 04:22:07
github
github
Kylin can receive user input and load any class through Class.forName(...).
2022-01-08 00:43:01