VYPR

Maven package

org.apache.drill.exec/drill-java-exec

pkg:maven/org.apache.drill.exec/drill-java-exec

Vulnerabilities (1)

  • CVE-2023-48362Jul 24, 2024
    affected >= 1.19.0, < 1.21.2fixed 1.21.2

    XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue.