CVE-2020-35451

There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation...

com.github.sakserv:hadoop-mini-clusters (=0.0.14), com.github.sakserv:hadoop-mini-clusters-oozie (>=0.1.1 <=0.1.16) +13 more potentially affected by CVE-2025-26796 via org.apache.oozie:oozie-core (>=4.1.0 <=5.2.1)

org.apache.oozie:oozie-core MAVEN version =4.1.0, =0.1.1, =1.0, =1.2, =4.2.0, =5.2.0, =4.1.0, =4.2.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =5.2.1 - org.kitesdk:kite-data-oozie =1.1.0 Source cves: CVE-2025-26796 Source advisory: SNYK:JAVA-ORGAPACHEOOZIE-9512888...

CVE-2020-35451 Oozie local privilege escalation

There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation...