Every CVE whose affected-product data names Apache Pinot, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-26112 — CVSS 9.8 (critical): In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected…
CVE-2024-56325 — CVSS 9.8 (critical): Authentication Bypass Issue If the path does not contain / and contain., authentication is not required. Expected Normal Request and…
CVE-2022-23974 — CVSS 7.5 (high): In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot…
CVE-2024-39676 — CVSS 7.5 (high): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. This issue affects Apache Pinot: from 0.1 before…