Home

CVE-2022-45470

Description

missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.241

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2022-45470 are affected in Apache - hama-core 0.7.1Windows
Vulnerabilities CVE-2022-45470 are affected in Apache - hama-core for Linux 0.7.1Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234