CVE-2020-1937 is a vulnerability in Apache Kylin
Published on February 24, 2020

Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.

NVD

Products Associated with CVE-2020-1937

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-1937 are published in Apache Kylin:

Apache Kylin

Affected Versions

Apache Kylin:

Version ApacheKylin 2.3.0 to 2.3.2 is affected.
Version 2.4.0 to 2.4.1 is affected.
Version 2.5.0 to 2.5.2 is affected.
Version 2.6.0 to 2.6.4 is affected.
Version 3.0.0-alpha is affected.
Version 3.0.0-alpha2 is affected.
Version 3.0.0-beta is affected.
Version 3.0.0 is affected.

Exploit Probability

EPSS

6.60%

Percentile

90.98%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-1937 is a vulnerability in Apache KylinPublished on February 24, 2020

Products Associated with CVE-2020-1937

Affected Versions

Exploit Probability

CVE-2020-1937 is a vulnerability in Apache Kylin
Published on February 24, 2020