Maven package
org.apache.inlong/inlong-manager
pkg:maven/org.apache.inlong/inlong-manager
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-27531 | — | >= 1.13.0, < 2.1.0 | 2.1.0 | Jun 6, 2025 | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 before 2.1.0, this issue would allow an authenticated attacker to read arbitrary files by double writing the param. Users are recommended to upgrade to version | ||
| CVE-2023-34189 | — | >= 1.4.0, < 1.8.0 | 1.8.0 | Jul 25, 2023 | Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users | ||
| CVE-2023-27296 | — | >= 1.1.0, < 1.6.0 | 1.6.0 | Mar 27, 2023 | Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users |
- CVE-2025-27531Jun 6, 2025affected >= 1.13.0, < 2.1.0fixed 2.1.0
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 before 2.1.0, this issue would allow an authenticated attacker to read arbitrary files by double writing the param. Users are recommended to upgrade to version
- CVE-2023-34189Jul 25, 2023affected >= 1.4.0, < 1.8.0fixed 1.8.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users
- CVE-2023-27296Mar 27, 2023affected >= 1.1.0, < 1.6.0fixed 1.6.0
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users