CVE-2023-50740

2024-03-0614:15:47

CWE-532

apache

web.nvd.nist.gov

cve

apache linkis

password leakage

data source

oracle

upgrade

nvd

AI Score

6.6

Confidence

Low

EPSS

Percentile

9.0%

JSON

In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module.
We recommend users upgrade the version of Linkis to version 1.5.0

Affected configurations

Vulners

Node

apachelinkisRange≤1.5.0

VendorProductVersionCPE
apachelinkis*cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apache	linkis	*	cpe:2.3:a:apache:linkis::::::::

CNA Affected

[
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.linkis:linkis-metadata-query-service-jdbc",
    "product": "Apache Linkis DataSource",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "1.5.0",
        "status": "affected",
        "version": "*",
        "versionType": "maven"
      }
    ]
  }
]