Back to search
CVE-2020-9479
Published: Mar 1, 2021
Modified: Feb 13, 2025
PUBLISHED
Description
When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache AsterixDB | affected Apache AsterixDB git |
References
https://www.openwall.com/lists/oss-security/2020/08/08/2
x_refsource_MISC
[asterixdb-dev] 20210301 Re: [EXT] Re: CVE Publication Service Request 941606
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now