2 matches found
PT-2025-7446 · Hitachi Vantara · Pentaho Data Integration & Analytics
Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.2.0.0 and 9.3.0.9, including 8.3.x Description: The product receives input from an upstream component but does not restrict or incorrectly restricts the input before it...
CVE-2022-42468
Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution RCE attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol...