oss-sec mailing list archives

CVE-2025-61733: Apache Kylin: Authentication bypass


From: Li Yang <liyang () apache org>
Date: Tue, 30 Sep 2025 15:28:38 +0000

Severity: high 

Affected versions:

- Apache Kylin 4.0.0 through 5.0.2

Description:

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Kylin.

This issue affects Apache Kylin: from 4.0.0 through 5.0.2.

Users are recommended to upgrade to version 5.0.3, which fixes the issue.

This issue is being tracked as KYLIN-6081.

Credit:

liuhuajin <liuhuajin1 () huawei com> (finder)

References:

https://kylin.apache.org/
https://www.cve.org/CVERecord?id=CVE-2025-61733
https://issues.apache.org/jira/browse/KYLIN-6081

