CVE-2022-43396

Posted on 2022년 12월 30일2022년 12월 30일 by admin

CVE-2022-43396

In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf.

Source: CVE-2022-43396

답글 남기기 응답 취소