Lucene search
China National Vulnerability DatabaseCNVD-2023-25936HistoryMar 29, 2023 - 12:00 a.m.
Apache InLong Deserialization Vulnerability (CNVD-2023-25936)
2023-03-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
apache inlong
u.s. apache foundation
deserialization vulnerability
insecure deserialization
code execution
data integration
EPSS
0.001
Percentile
44.4%
Apache InLong is the U.S. Apache (Apache) Foundation’s one-stop framework for integrating massive amounts of data. Apache InLong versions 1.1.0 through 1.5.0 contain a deserialization vulnerability that stems from insecure deserialization processing of serialized data submitted by the application upon receipt by the user, which could be exploited by an attacker to cause code execution.
Related
github
github
Apache InLong vulnerable to JDBC Deserialization of Untrusted Data
2023-03-27 15:30:16
cvelist
cvelist
CVE-2023-27296 Apache InLong: JDBC Deserialization Vulnerability in InLong
2023-03-27 14:10:32
cve
cve
CVE-2023-27296
2023-03-27 15:15:08
prion
prion
Deserialization of untrusted data
2023-03-27 15:15:00
osv
osv
CVE-2023-27296
2023-03-27 15:15:08
Apache InLong vulnerable to JDBC Deserialization of Untrusted Data
2023-03-27 15:30:16
veracode
veracode
Deserialization Of Untrusted Data
2023-03-28 04:13:41
nvd
nvd
CVE-2023-27296
2023-03-27 15:15:08