{"vulnerability": "CVE-2020-9479", "sightings": [{"uuid": "58f96148-5089-4b14-9a53-8e98e9985926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9479", "type": "seen", "source": "https://t.me/cibsecurity/24300", "content": "\u203c CVE-2020-9479 \u203c\n\nWhen loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-01T18:43:21.000000Z"}]}