{"schema_version": "1.6.1", "id": "CVE-2022-44621", "summary": "Command injection by Diagnosis Controller", "details": "Diagnosis Controller miss parameter validation, so user may attacked by command injection via HTTP Request.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "Apache Kylin 4 "}, {"last_affected": "Apache Kylin 4 "}]}]}], "references": [{"type": "WEB", "url": "https://lists.apache.org/thread/7ctchj24dofgsj9g1rg1245cms9myb34"}]}