CVE-2023-48362 - Apache Drill XML Format Plugin XXE Remote File System Access and Command Execution Vulnerability
CVE ID : CVE-2023-48362 Published : July 24, 2024, 8:15 a.m. | 2 hours, 44 minutes ago Description : XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-48362
Published : July 24, 2024, 8:15 a.m. | 2 hours, 44 minutes ago
Description : XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 24, 2024, 8:15 a.m. | 2 hours, 44 minutes ago
Description : XXE in the XML Format Plugin in Apache Drill version 1.19.0 and greater allows a user to read any file on a remote file system or execute commands via a malicious XML file. Users are recommended to upgrade to version 1.21.2, which fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
