missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/11/21/1 | Mailing List Third Party Advisory |
https://lists.apache.org/thread/ztvoshd4kxvp5vlro52mpgpfxct4ft8l | Issue Tracking Mailing List Vendor Advisory |
Configurations
History
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
Summary | missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed. |
13 Mar 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | ** UNSUPPPORTED WHEN ASSIGNED **missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed. |
23 Nov 2022, 17:52
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 |
CWE-20 |
First Time |
Apache
Apache hama |
|
CPE | cpe:2.3:a:apache:hama:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/11/21/1 - Mailing List, Third Party Advisory | |
References | (MISC) https://lists.apache.org/thread/ztvoshd4kxvp5vlro52mpgpfxct4ft8l - Issue Tracking, Mailing List, Vendor Advisory |
21 Nov 2022, 16:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-21 16:15
Updated : 2024-04-11 01:17
NVD link : CVE-2022-45470
Mitre link : CVE-2022-45470
CVE.ORG link : CVE-2022-45470
JSON object : View
Products Affected
apache
- hama
CWE
CWE-20
Improper Input Validation