VYPR

Maven package

org.apache.linkis/linkis-engineconn

pkg:maven/org.apache.linkis/linkis-engineconn

Vulnerabilities (1)

  • CVE-2023-29215Apr 10, 2023
    affected < 1.3.2fixed 1.3.2

    In Apache Linkis <=1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters