CVE-2018-11799: Apache Oozie security vulnerability Severity: 8.7 (High) (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N)
Vendor: The Apache Software Foundation Versions Affected: Oozie versions earlier than 5.1.0 Description: A malicious user can construct an XML that results workflows running in other user's name. Mitigation: Upgrade to Apache Oozie 5.1.0 Credit: This issue was discovered by *Satish Subhashrao Saley at Oath / Yahoo!* Gezapeti Cseh