VYPR

Maven package

org.apache.kyuubi/kyuubi-server_2.12

pkg:maven/org.apache.kyuubi/kyuubi-server_2.12

Vulnerabilities (1)

  • CVE-2025-66518Jan 5, 2026
    affected >= 1.6.0, < 1.10.3fixed 1.10.3

    Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config. This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2. Users are recom