High severityNVD Advisory· Published Dec 14, 2022· Updated Apr 18, 2025
Apache Atlas: zip path traversal in import functionality
CVE-2022-34271
Description
A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.atlas:apache-atlasMaven | >= 0.8.4, < 2.3.0 | 2.3.0 |
Affected products
2Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-p782-4j23-xqcgghsaADVISORY
- lists.apache.org/thread/0rqvcxo6brmos9w3lzfsdn2lsmlblpw3ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-34271ghsaADVISORY
- github.com/apache/atlas/commit/3415913d252597c24c6b5d19d315375a49e64152ghsaWEB
- issues.apache.org/jira/browse/ATLAS-4622ghsaWEB
News mentions
0No linked articles in our index yet.