Maven package
org.apache.kyuubi/kyuubi-server_2.12
pkg:maven/org.apache.kyuubi/kyuubi-server_2.12
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-66518 | — | >= 1.6.0, < 1.10.3 | 1.10.3 | Jan 5, 2026 | Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config. This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2. Users are recom |
- CVE-2025-66518Jan 5, 2026affected >= 1.6.0, < 1.10.3fixed 1.10.3
Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config. This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2. Users are recom