97 matches found
CVE-2022-26112
In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See...
Information disclosure
In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See...
CVE-2022-26112 Pinot query endpoint and the realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support
In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See...
CVE-2022-26112 Pinot query endpoint and the realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support
In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See...
CVE-2022-26112
CVE-2022-26112 affects Apache Pinot 0.10.0 and earlier, where Groovy function support is enabled by default in the Pinot query endpoint and realtime ingestion layer, causing a vulnerability in unprotected environments. The issue is mitigated by disabling Groovy support by default beginning with P...
PT-2022-17682 · Apache · Apache Pinot
Name of the Vulnerable Software and Affected Versions: Apache Pinot versions 0.10.0 and earlier Description: The issue is related to the groovy function support in the Pinot query endpoint and realtime ingestion layer, which poses a risk in unprotected environments. The estimated number of...
Apache Pinot 安全漏洞
Apache Pinot is the U.S. Apache Apache Foundation, a real-time distributed OLAP data store. It is designed to provide ultra-low latency analytics. A security vulnerability exists in Apache Pinot 0.11.0 and earlier versions, which stems from a vulnerability in the groovy feature support...
Apache Pinot Denial of Service Vulnerability
Apache Pinot is a real-time distributed OLAP data store from the Apache Foundation, Inc. Designed to provide ultra-low latency analysis, Apache Pinot 0.9.3 and earlier versions contain a denial-of-service vulnerability that could be exploited by an attacker to cause a Pinot service outage via a...
Logic error in Apache Pinot
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
GHSA-29F8-Q7MF-7CQJ Logic error in Apache Pinot
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
Design/Logic Flaw
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974 Pinot segment push endpoint has a vulnerability in unprotected environments
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974
CVE-2022-23974 affects Apache Pinot 0.9.3 and older: the segment upload path allowed importing segment directories into Pinot tables in environments where the controller is openly accessible. The issue can be exploited by a specially crafted request to disrupt Pinot service. Remediation: upgrade ...
Apache Pinot 安全漏洞
Apache Pinot is a real-time distributed OLAP data store from the Apache Foundation, Inc. Designed to provide ultra-low latency analysis, Apache Pinot 0.9.3 and earlier versions contain a denial-of-service vulnerability that could be exploited by an attacker to cause a Pinot service outage via a...