Description: There is a race condition in OozieSharelibCLI which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.
A race condition in OozieSharelibCLI allows an attacker to replace the contents of the sharelib. This issue affects Apache Oozie versions prior to 5.2.1. Mitigation: Validate the contents of the sharelib after uploading. Credit: The Apache Oozie PMC would like to thank Jonathan Leitschuh for reporting the issue