CVE-2022-45470

CVE-2022-45470: Apache Hama allows XSS and information disclosure

Vendor Apache Software Foundation

Product Apache Hama

Weakness CWE-20 · Input validation

Published November 21, 2022

Last update April 29, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.

Key dates

Disclosure timeline

November 21, 2022 CVE published

April 29, 2025 Record updated