Lucene search

Alluxio Security Vulnerabilities

cve

CVE-2023-38889

An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of...

9.8CVSS

9.5AI Score

0.001EPSS

2023-08-15 05:15 PM

276

cve

CVE-2020-21485

Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board...

6.1CVSS

6.2AI Score

0.001EPSS

2023-06-20 03:15 PM

cve

CVE-2022-23848

In Alluxio before 2.7.3, the logserver does not validate the input stream. NOTE: this is not the same as the CVE-2021-44228 Log4j...

9.8CVSS

9.8AI Score

0.002EPSS

2022-02-20 07:15 PM

201

In Wild