2 matches found
CVE-2025-26796
CVE-2025-26796 concerns Apache Oozie, stating a Cross-site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. The vulnerability affects Apache Oozie across all versions and, per the sources, the project is retired with no planned patch; users are ...
CVE-2020-35451
CVE-2020-35451 affects Apache Oozie (OozieSharelibCLI component). A race condition during the creation of Oozie sharelib in versions prior to 5.2.1 allows a malicious attacker to replace files in Oozie’s sharelib while it is being created. The core issue is concurrent access to shared resources w...