5 matches found
CVE-2025-30067
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Kylin. If an attacker gets access to Kylin's system or project admin permission, the JDBC connection configuration maybe altered to execute arbitrary code from the remote. You are fine as long as the Kylin's system an...
org.apache.kylin:kylin-query (=4.0.0-alpha), org.apache.kylin:kylin-spark-engine (=4.0.0-alpha) +4 more potentially affected by CVE-2025-30067 via org.apache.kylin:kylin-datasource-sdk (=4.0.0-alpha)
org.apache.kylin:kylin-datasource-sdk MAVEN version =4.0.0-alpha is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kylin:kylin-datasource-sdk and may be impacted: - org.apache.kylin:kylin-query =4.0.0-alpha - org.apache.kylin:kylin-spark-engin...
CVE-2025-30067
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Kylin. If an attacker gets access to Kylin's system or project admin permission, the JDBC connection configuration maybe altered to execute arbitrary code from the remote. You are fine as long as the Kylin's system an...
CVE-2025-30067 Apache Kylin: The remote code execution via jdbc url
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Kylin. If an attacker gets access to Kylin's system or project admin permission, the JDBC connection configuration maybe altered to execute arbitrary code from the remote. You are fine as long as the Kylin's system an...
CVE-2025-30067
creationtimestamp| type| source ---|---|--- 2025-03-27 02:03:49+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lld7iplco52r 2025-03-27 16:27:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9138 2025-03-27 16:39:08+00:00| seen| https://t.me/cvedetector/21298...