Amazon EMR 安全漏洞

Amazon EMR is a hosted clustering platform from Amazon.com, USA. A security vulnerability exists in Amazon EMR that stems from a keytab file stored in the /tmp/ directory that could lead to elevation of privilege...

ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.10), com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0) +106 more potentially affected by CVE-2018-1284 via org.apache.hive:hive-exec (>=0.8.0 <=2.3.2)

org.apache.hive:hive-exec MAVEN version =0.8.0, =3.18.0.9, =5.0.0, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =4.1.2-RELEASE, =0.1.1, =4.0.0-preview22.0.1, =1.0.5, =0.1.5, =0.1.5, =0.3.3 and more Source cves: CVE-2018-1284 Source advisory: OSV:GHSA-RXMR-C9JM-7MM8...

Security Misconfiguration Vulnerability in the AWS SDK for PHP

SECURITY FIX: This release addresses a security issue associated with CVE-2015-5723, specifically, fixes improper default directory umask behavior that could potentially allow unauthorized modifications of PHP code. Thanks to @ryan-lane for the initial report. Aws\Ec2 - Added support for...