Unrated severityNVD Advisory· Published Mar 9, 2021· Updated Feb 13, 2025

Oozie local privilege escalation

CVE-2020-35451

Description

There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Apache/Ooziellm-fuzzy
Range: <5.2.1
Apache Software Foundation/Apache Ooziev5
Range: unspecified

Patches

Vulnerability mechanics

References

www.openwall.com/lists/oss-security/2021/03/09/2mitremailing-listx_refsource_MLIST
lists.apache.org/thread.html/r8688debdb8b586aab3e53dee2d675fc9212de0ec627a8d3cd43b5ab5%40%3Cuser.oozie.apache.org%3Emitrex_refsource_MISCmailing-listx_refsource_MLIST

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000