3 matches found
CVE-2022-23974 Pinot segment push endpoint has a vulnerability in unprotected environments
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974 Pinot segment push endpoint has a vulnerability in unprotected environments
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
CVE-2022-23974
CVE-2022-23974 affects Apache Pinot 0.9.3 and older: the segment upload path allowed importing segment directories into Pinot tables in environments where the controller is openly accessible. The issue can be exploited by a specially crafted request to disrupt Pinot service. Remediation: upgrade ...