Vulnerabilities > Alluxio

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-15	CVE-2023-38889	Code Injection vulnerability in Alluxio An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String). network low complexity alluxio CWE-94 critical	9.8
2023-06-20	CVE-2020-21485	Cross-site Scripting vulnerability in Alluxio 1.8.1 Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board component. network low complexity alluxio CWE-79	6.1
2022-02-20	CVE-2022-23848	Unspecified vulnerability in Alluxio In Alluxio before 2.7.3, the logserver does not validate the input stream. network low complexity alluxio critical	9.8

Vulnerabilities > Alluxio {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Alluxio"}]}