Lucene search
GoogleOSV:CVE-2021-36774HistoryJan 06, 2022 - 1:15 p.m.
CVE-2021-36774
2022-01-0613:15:08
Google
osv.dev
4
apache kylin
data leakage
code execution
mysql
jdbc driver
vulnerability
Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Kylin server processes. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions.
Related
cvelist
cvelist
CVE-2021-36774 Mysql JDBC Connector Deserialize RCE
2022-01-06 12:35:20
prion
prion
Code injection
2022-01-06 13:15:00
osv
osv
SQL Injection in Apache Kylin
2022-01-08 00:43:04
cnvd
cnvd
Apache Kylin permission permission and access control issues vulnerability
2022-01-08 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2022-01-07 12:20:13
github
github
SQL Injection in Apache Kylin
2022-01-08 00:43:04
nvd
nvd
CVE-2021-36774
2022-01-06 13:15:08
cve
cve
CVE-2021-36774
2022-01-06 13:15:08