High severityNVD Advisory· Published May 28, 2025· Updated Jan 28, 2026
Apache InLong: JDBC Vulnerability during verification processing
CVE-2025-27522
Description
Deserialization of Untrusted Data vulnerability in Apache InLong.
This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it.
[1]
https://github.com/apache/inlong/pull/11732
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.inlong:manager-pojoMaven | >= 1.13.0, < 2.2.0 | 2.2.0 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/apache/inlong/pull/11732ghsapatchWEB
- github.com/advisories/GHSA-r324-vgr5-73c9ghsaADVISORY
- lists.apache.org/thread/s4dnmq3gwcjocxf85qk190knlzd26jbyghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2025-27522ghsaADVISORY
- github.com/apache/inlong/commit/86c893cfd8f7ba9ffce5d20abef6cd360f502fdfghsaWEB
News mentions
0No linked articles in our index yet.