Lucene search
ApacheCVELIST:CVE-2021-31522HistoryJan 06, 2022 - 12:35 p.m.
CVE-2021-31522 Apache Kylin unsafe class loading
2022-01-0612:35:18
apache
www.cve.org
Kylin can receive user input and load any class through Class.forName(…). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions.
CNA Affected
[
{
"product": "Apache Kylin",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.6.6",
"status": "affected",
"version": "Apache Kylin 2",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "Apache Kylin 3",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.0.0",
"status": "affected",
"version": "Apache Kylin 4",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2021-31522
2022-01-06 13:15:08
Kylin can receive user input and load any class through Class.forName(...).
2022-01-08 00:43:01
nvd
nvd
CVE-2021-31522
2022-01-06 13:15:08
veracode
veracode
Privilege Escalation
2022-01-07 04:22:07
github
github
Kylin can receive user input and load any class through Class.forName(...).
2022-01-08 00:43:01
cve
cve
CVE-2021-31522
2022-01-06 13:15:08
cnvd
cnvd
Apache Kylin Input Validation Error Vulnerability
2022-01-10 00:00:00
prion
prion
Design/Logic Flaw
2022-01-06 13:15:00