Lucene search
GoogleOSV:GHSA-5429-PJWW-7675HistoryJan 08, 2022 - 12:43 a.m.
SQL Injection in Apache Kylin
2022-01-0800:43:04
Google
osv.dev
13
apache kylin
sql injection
arbitrary code execution
mysql
jdbc driver
EPSS
0.001
Percentile
29.5%
Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Kylin server processes. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions.
Related
osv
osv
CVE-2021-36774
2022-01-06 13:15:08
cvelist
cvelist
CVE-2021-36774 Mysql JDBC Connector Deserialize RCE
2022-01-06 12:35:20
prion
prion
Code injection
2022-01-06 13:15:00
cnvd
cnvd
Apache Kylin permission permission and access control issues vulnerability
2022-01-08 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2022-01-07 12:20:13
github
github
SQL Injection in Apache Kylin
2022-01-08 00:43:04
nvd
nvd
CVE-2021-36774
2022-01-06 13:15:08
cve
cve
CVE-2021-36774
2022-01-06 13:15:08