Severity: low
Affected versions:
- Apache Kylin 4.0.0 through 5.0.1
Description:
Improper Control of Generation of Code ('Code Injection') vulnerability in
Apache Kylin.
If an attacker gets access to Kylin's system or project admin permission, the
JDBC connection configuration may be altered
Severity: low
Affected versions:
- Apache Kylin 5.0.0 through 5.0.1
Description:
Server-Side Request Forgery (SSRF) vulnerability in Apache Kylin. Through a
Kylin server, an attacker may forge a request to invoke "/kylin/api/xxx/diag"
API on another internal host and possibly get leaked infor
Hi all,
With 6 binding +1 votes and 2 non-binding +1 votes, the Apache Kylin 5.0.2
is released. Download links will be updated on the website shortly.
This is a maintenance release containing 55 bug fixes and 24 enhancements.
All issue details are at this link:
https://issues.apache.org/ji