6 matches found
com.github.sakserv:hadoop-mini-clusters (=0.0.14), com.github.sakserv:hadoop-mini-clusters-oozie (>=0.1.1 <=0.1.16) +13 more potentially affected by CVE-2025-26796 via org.apache.oozie:oozie-core (>=4.1.0 <=5.2.1)
org.apache.oozie:oozie-core MAVEN version =4.1.0, =0.1.1, =1.0, =1.2, =4.2.0, =5.2.0, =4.1.0, =4.2.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =5.2.1 - org.kitesdk:kite-data-oozie =1.1.0 Source cves: CVE-2025-26796 Source advisory: SNYK:JAVA-ORGAPACHEOOZIE-9512888...
com.github.sakserv:hadoop-mini-clusters (=0.0.14), com.github.sakserv:hadoop-mini-clusters-oozie (>=0.1.1 <=0.1.16) +13 more potentially affected by CVE-2025-26796 via org.apache.oozie:oozie-core (>=4.1.0 <=5.2.1)
org.apache.oozie:oozie-core MAVEN version =4.1.0, =0.1.1, =1.0, =1.2, =4.2.0, =5.2.0, =4.1.0, =4.2.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =5.2.1 - org.kitesdk:kite-data-oozie =1.1.0 Source cves: CVE-2025-26796 Source advisory: OSV:GHSA-FMXW-76XQ-CMQQ...
Cross-site Scripting (XSS)
Overview org.apache.oozie:oozie-core is a system to define, manage, schedule, and execute complex Hadoop workloads via web services. Affected versions of this package are vulnerable to Cross-site Scripting XSS in an unspecified component. Note: This project is no longer actively maintained so no...
com.github.sakserv:hadoop-mini-clusters (=0.0.14), de.m3y.oozie.prometheus:oozie-prometheus-job-event-listener (>=1.0 <=1.2) +10 more potentially affected by CVE-2017-15712 via org.apache.oozie:oozie-core (>=4.1.0 <=4.2.0)
org.apache.oozie:oozie-core MAVEN version =4.1.0, =1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.2.0 - org.kitesdk:kite-data-oozie =1.1.0 Source cves: CVE-2017-15712 Source advisory: OSV:GHSA-2FX6-R6QX-3C7H...
com.github.sakserv:hadoop-mini-clusters (=0.0.14), de.m3y.oozie.prometheus:oozie-prometheus-job-event-listener (>=1.0 <=1.2) +10 more potentially affected by CVE-2018-11799 via org.apache.oozie:oozie-core (>=4.1.0 <=4.2.0)
org.apache.oozie:oozie-core MAVEN version =4.1.0, =1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.2.0 - org.kitesdk:kite-data-oozie =1.1.0 Source cves: CVE-2018-11799 Source advisory: OSV:GHSA-WG5W-VV93-3F7W...
Unauthorized Access
oozie-core is vulnerable to unauthorized access. The vulnerability exists as an attacker could cause workflows that runs as other users simply by constructing an XML...