Apache HugeGraph-Server: Command execution in gremlin
Critical severity
GitHub Reviewed
Published Apr 22, 2024 to the GitHub Advisory Database • Updated Dec 16, 2024
Published by the National Vulnerability Database: Apr 22, 2024
Published to the GitHub Advisory Database: Apr 22, 2024
Reviewed: Apr 22, 2024
Last updated: Dec 16, 2024
Description
Remote Command Execution (RCE) vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server from 1.0.0 before 1.3.0 on Java 8 and Java 11.
Users are recommended to upgrade to version 1.3.0 with Java 11 and enable the Auth system, which fixes the issue.