Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
unzip directory traversal
Vulnerability Description
When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache AsterixDB 路径遍历漏洞
Vulnerability Description
Apache AsterixDB是 Apache开源的一个数据库管理软件。提供一个可扩展的开源大数据管理系统 Apache AsterixDB 存在安全漏洞,该漏洞源于在加载UDF时,一个特别制作的zip文件可以将文件放置在UDF部署目录之外。
CVSS Information
N/A
Vulnerability Type
N/A