pkg:Maven/org.apache.kylin:kylin

13 total CVEsCRITICAL1HIGH6MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2024-23590Apache Kylin Session Fixation vulnerability
    >= 2.0.0, < 5.0.0
  • HIGH8.8CVE-2022-43396Apache Kylin vulnerable to Command injection by Useless configuration
    >= 2.0.0, < 4.0.3
  • HIGH7.5CVE-2025-61733Apache Kylin Authentication Bypass Vulnerability
    >= 4.0.0, < 5.0.3
  • HIGH7.5CVE-2025-61734Apache Kylin Files or Directories Accessible to External Parties
    >= 4.0.0, < 5.0.3
  • HIGH7.5CVE-2021-45457In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin.
    from 0, < 3.1.3
  • HIGH7.5CVE-2021-45458Use of Hard-coded Credentials in Apache Kylin
    from 0, < 3.1.3
  • HIGH7.3CVE-2025-61735Apache Kylin Server-Side Request Forgery (SSRF) Vulnerability
    >= 4.0.0, < 5.0.3
  • MEDIUM6.5CVE-2021-36774SQL Injection in Apache Kylin
    from 0, < 3.1.3
  • MEDIUM5.3CVE-2020-13937Authentication bypass in Apache Kylin
    from 0, < 3.1.1
  • CVE-2025-30067Apache Kylin Code Injection via JDBC Configuration Alteration
    >= 4.0.0, < 5.0.2
  • CVE-2021-27738Server-Side Request Forgery in Apache Kylin
    from 0, < 3.1.3
  • CVE-2021-31522Kylin can receive user input and load any class through Class.forName(...).
    from 0, < 3.1.3
  • CVE-2021-45456Command Injection in Apache Kylin
    from 0, < 4.0.1