High severityNVD Advisory· Published Feb 1, 2023· Updated Mar 27, 2025
Apache InLong: Jdbc Connection causes arbitrary file reading in InLong
CVE-2023-24977
Description
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.inlong:inlongMaven | >= 1.1.0, <= 1.5.0 | — |
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-q9p5-w2v9-6wxfghsaADVISORY
- lists.apache.org/thread/ggozxorctn3tdll7bgmpwwcbjnd0s6w7ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-24977ghsaADVISORY
- github.com/apache/inlong/pull/7214ghsaWEB
News mentions
0No linked articles in our index yet.