oss-sec mailing list archives
CVE-2022-34271: Apache Atlas: zip path traversal in import functionality
From: Madhan Neethiraj <madhan () apache org>
Date: Wed, 14 Dec 2022 01:07:22 +0000
Severity: moderate Description: A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0. This issue is being tracked as ATLAS-4622 Credit: Huangzhicong (finder) References: https://atlas.apache.org/ https://www.cve.org/CVERecord?id=CVE-2022-34271 https://issues.apache.org/jira/browse/ATLAS-4622
Current thread:
- CVE-2022-34271: Apache Atlas: zip path traversal in import functionality Madhan Neethiraj (Dec 14)