Maven package
org.apache.drill.exec/drill-java-exec
pkg:maven/org.apache.drill.exec/drill-java-exec
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48362 | — | >= 1.19.0, < 1.21.2 | 1.21.2 | Jul 24, 2024 | XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue. |
- CVE-2023-48362Jul 24, 2024affected >= 1.19.0, < 1.21.2fixed 1.21.2
XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue.