GHSA-752q-72qc-rc66

GitHub Security Advisory

Apache Kylin Session Fixation vulnerability

✓ GitHub Reviewed HIGH Has CVE

Session Fixation vulnerability in Apache Kylin.

This issue affects Apache Kylin: from 2.0.0 through 4.x.

Users are recommended to upgrade to version 5.0.0 or above, which fixes the issue.

Maven org.apache.kylin:kylin

Affected versions: 2.0.0 (fixed in 5.0.0)

CVE-2024-23590

GHSA ID

GHSA-752q-72qc-rc66

Published

November 4, 2024 12:32 PM

Last Modified

July 11, 2025 3:04 PM

CVSS Score

7.5 /10

Primary Ecosystem

Maven

Primary Package

org.apache.kylin:kylin

GitHub Reviewed

✓ Yes

Last updated: July 28, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.