An issue in Alluxio v.2.9.3 and before allows an malicious user to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alluxio alluxio |