oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2022-34271: Apache Atlas: zip path traversal in import functionality

From: Madhan Neethiraj <madhan () apache org>
Date: Wed, 14 Dec 2022 01:07:22 +0000
Severity: moderate

Description:

A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem.  This 
issue affects Apache Atlas versions from 0.8.4 to 2.2.0.

This issue is being tracked as ATLAS-4622 

Credit:

Huangzhicong (finder)

References:

https://atlas.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-34271
https://issues.apache.org/jira/browse/ATLAS-4622
Previous By Date Next
Previous By Thread Next

Current thread: