There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2021/03/09/2 | Mailing List Third Party Advisory |
https://lists.apache.org/thread.html/r8688debdb8b586aab3e53dee2d675fc9212de0ec627a8d3cd43b5ab5%40%3Cuser.oozie.apache.org%3E | Mailing List Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2021-03-09T15:20:13
Updated: 2021-03-09T18:06:29
Reserved: 2020-12-14T00:00:00
Link: CVE-2020-35451
JSON object: View
NVD Information
Status : Modified
Published: 2021-03-09T16:15:13.787
Modified: 2023-11-07T03:21:54.567
Link: CVE-2020-35451
JSON object: View
Redhat Information
No data.