Maven package
org.apache.inlong/inlong
pkg:maven/org.apache.inlong/inlong
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-43666 | — | >= 1.4.0, < 1.9.0 | 1.9.0 | Oct 16, 2023 | Insufficient Verification of Data Authenticity vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, General user can view all user data like Admin account. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve i | ||
| CVE-2023-43667 | — | >= 1.4.0, < 1.8.0 | 1.8.0 | Oct 16, 2023 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit and tra | ||
| CVE-2023-24997 | — | >= 1.1.0, <= 1.5.0 | — | Feb 1, 2023 | Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https: | ||
| CVE-2023-24977 | — | >= 1.1.0, <= 1.5.0 | — | Feb 1, 2023 | Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/ap |
- CVE-2023-43666Oct 16, 2023affected >= 1.4.0, < 1.9.0fixed 1.9.0
Insufficient Verification of Data Authenticity vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, General user can view all user data like Admin account. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve i
- CVE-2023-43667Oct 16, 2023affected >= 1.4.0, < 1.8.0fixed 1.8.0
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit and tra
- CVE-2023-24997Feb 1, 2023affected >= 1.1.0, <= 1.5.0
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https:
- CVE-2023-24977Feb 1, 2023affected >= 1.1.0, <= 1.5.0
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/ap