EPSS
Percentile
52.6%
Apache Kylin is vulnerable to command injection. The vulnerability exists due to an insecure blacklist used to filter user input commands which allows an attacker to inject arbitrary commands into the system.
github.com/advisories/GHSA-f5q9-j9r2-34gq
github.com/apache/kylin/commit/fd2977e21c51f1afed668f2d9713cf562f2dc42d
github.com/apache/kylin/pull/2011
lists.apache.org/thread/ob2ks04zl5ms0r44cd74y1xdl1rzfd1r