3 matches found
CVE-2024-56325
Apache Pinot
CVE-2022-23974
CVE-2022-23974 affects Apache Pinot 0.9.3 and older: the segment upload path allowed importing segment directories into Pinot tables in environments where the controller is openly accessible. The issue can be exploited by a specially crafted request to disrupt Pinot service. Remediation: upgrade ...
CVE-2022-26112
CVE-2022-26112 affects Apache Pinot 0.10.0 and earlier, where Groovy function support is enabled by default in the Pinot query endpoint and realtime ingestion layer, causing a vulnerability in unprotected environments. The issue is mitigated by disabling Groovy support by default beginning with P...