VYPR
Unrated severityNVD Advisory· Published Mar 17, 2021· Updated Feb 13, 2025

CVE-2020-13924

CVE-2020-13924

Description

In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files.

Affected products

2
  • Apache/Ambarillm-fuzzy
    Range: <=2.6.2.2
  • Apache Software Foundation/Apache Ambariv5
    Range: Apache Ambari

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.