Critical severityNVD Advisory· Published Feb 1, 2023· Updated Mar 26, 2025
Apache InLong: Jdbc Connection Security Bypass
CVE-2023-24997
Description
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to solve it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.inlong:inlongMaven | >= 1.1.0, <= 1.5.0 | — |
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-22j4-qc48-j8f8ghsaADVISORY
- lists.apache.org/thread/nxvtxq7oxhwyzo9ty2hqz8rvh5r7ngd8ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-24997ghsaADVISORY
- github.com/apache/inlong/pull/7223ghsaWEB
News mentions
0No linked articles in our index yet.