{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "3.1.2" }, { "introduced": "0" }, { "last_affected": "3.1.3" }, { "introduced": "0" }, { "last_affected": "3.2" }, { "introduced": "0" }, { "last_affected": "3.2.0" }, { "introduced": "0" }, { "last_affected": "3.2.0-incubating" }, { "introduced": "0" }, { "last_affected": "3.3.0" }, { "introduced": "0" }, { "last_affected": "3.3.0-rc0" }, { "introduced": "0" }, { "last_affected": "3.3.0-rc1" }, { "introduced": "0" }, { "last_affected": "3.3.1" }, { "introduced": "0" }, { "last_affected": "3.3.1-rc0" }, { "introduced": "0" }, { "last_affected": "3.3.1-rc1" }, { "introduced": "0" }, { "last_affected": "3.3.2" }, { "introduced": "0" }, { "last_affected": "3.3.2-rc0" }, { "introduced": "0" }, { "last_affected": "4.0.0" }, { "introduced": "0" }, { "last_affected": "4.0.0-rc0" }, { "introduced": "0" }, { "last_affected": "4.0.0-rc1" }, { "introduced": "0" }, { "last_affected": "4.0.0-rc3" }, { "introduced": "0" }, { "last_affected": "4.0.1" }, { "introduced": "0" }, { "last_affected": "4.0.1-rc0" }, { "introduced": "0" }, { "last_affected": "4.0.1-rc1" }, { "introduced": "0" }, { "last_affected": "4.1.0" }, { "introduced": "0" }, { "last_affected": "4.1.0-rc0" }, { "introduced": "0" }, { "last_affected": "4.1.0-rc1" }, { "introduced": "0" }, { "last_affected": "4.2.0" }, { "introduced": "0" }, { "last_affected": "4.2.0-rc0" }, { "introduced": "0" }, { "last_affected": "4.3.0" }, { "introduced": "0" }, { "last_affected": "4.3.0-rc0" }, { "introduced": "0" }, { "last_affected": "4.3.0-rc1" }, { "introduced": "0" }, { "last_affected": "5.0.0-beta1" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "7e302d26f8d4e4a49958b48e4849ce85c528548a" }, { "introduced": "0" }, { "last_affected": "4221dcfdb0d084c2e57c8216fc6145349b29aaa5" }, { "introduced": "0" }, { "last_affected": "ac6c4fc07511594f41319bd3e549d5a256be01fe" }, { "introduced": "0" }, { "last_affected": "ca0f969098ff6a49c8ae852fca7358ddebf9b5ae" }, { "introduced": "0" }, { "last_affected": "ca0f969098ff6a49c8ae852fca7358ddebf9b5ae" }, { "introduced": "0" }, { "last_affected": "2f80d42d46b3ccaba3262129c4a6cf4b3d6a66d4" }, { "introduced": "0" }, { "last_affected": "5979f85215c264e087d9cc535229e088ef25f211" }, { "introduced": "0" }, { "last_affected": "2511fcb8816c7122d679c3534ffbf77c77d9e514" }, { "introduced": "0" }, { "last_affected": "fbd2e7ab5556d9f99debce45a0f48bc522657bc5" }, { "introduced": "0" }, { "last_affected": "fdaf66a99d60244ee2daf21da3b552543a5c8553" }, { "introduced": "0" }, { "last_affected": "538fcf1803264c9fbbae1a5ce8d278fad6ec24a8" }, { "introduced": "0" }, { "last_affected": "0edf8f61d306137760589b81975cd7b42d116b84" }, { "introduced": "0" }, { "last_affected": "473da7ae75f6a0a64b750582b97ed7453c3a2715" }, { "introduced": "0" }, { "last_affected": "ae47150f00832a40a79680bb189bb9b5a9ed7423" }, { "introduced": "0" }, { "last_affected": "759af5bfd63fca6446107cc31244f815ee49d2dd" }, { "introduced": "0" }, { "last_affected": "4e91758fa198c5245acb29bfaad66d826cfcd09c" }, { "introduced": "0" }, { "last_affected": "9e75bfb6fd17a7ef573737adada9619e19c19cea" }, { "introduced": "0" }, { "last_affected": "fe8d85a4f0467f3ad7e8d7fc8ab4ebd89fa5fe3f" }, { "introduced": "0" }, { "last_affected": "40c1f1d4affeebed60d5aa4de64231846e181fc4" }, { "introduced": "0" }, { "last_affected": "fe8d85a4f0467f3ad7e8d7fc8ab4ebd89fa5fe3f" }, { "introduced": "0" }, { "last_affected": "05fbfd1f50f34b589dac6c8c2b4b485ec95957b3" }, { "introduced": "0" }, { "last_affected": "8d58cf766732e2431afc1b0f8871afdd1ee054dd" }, { "introduced": "0" }, { "last_affected": "05fbfd1f50f34b589dac6c8c2b4b485ec95957b3" }, { "introduced": "0" }, { "last_affected": "46402ac45577fcbe946ab8805ce471f83d1479dd" }, { "introduced": "0" }, { "last_affected": "46402ac45577fcbe946ab8805ce471f83d1479dd" }, { "introduced": "0" }, { "last_affected": "fababc4f65042beef88910d13bf5dec88910e4a0" }, { "introduced": "0" }, { "last_affected": "4b757158c68e4bb14dfeba5f6405bdaacaf9087f" }, { "introduced": "0" }, { "last_affected": "fababc4f65042beef88910d13bf5dec88910e4a0" }, { "introduced": "0" }, { "last_affected": "cf0214ffab0809f1186118f1b022c6d9717b342b" } ], "repo": "https://github.com/apache/oozie", "type": "GIT" } ] } ], "details": "Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration that reference sensitive files on the Oozie server host.", "id": "CVE-2017-15712", "modified": "2026-03-13T21:55:17.480828007Z", "published": "2018-02-19T14:29:00.207Z", "references": [ { "type": "WEB", "url": "https://lists.apache.org/thread.html/4606709264fe7cb0285e2a12aca2d01a06b14cd58791c9fc32abd216%40%3Cdev.oozie.apache.org%3E" }, { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/103102" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }