Lucene search
ApacheCVELIST:CVE-2023-24997HistoryFeb 01, 2023 - 2:49 p.m.
CVE-2023-24997 Apache InLong: Jdbc Connection Security Bypass
2023-02-0114:49:44
CWE-502
apache
www.cve.org
5
apache inlong
jdbc connection
security bypass
deserialization
untrusted data
apache software foundation
upgrade
vulnerability
github.
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0.Β Users are advised to upgrade to Apache InLongβs latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 Β to solve it.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
}
]Related
osv
osv
CVE-2023-24997
2023-02-01 15:15:08
Apache InLong vulnerable to Deserialization of Untrusted Data vulnerability
2023-02-01 15:30:20
cve
cve
CVE-2023-24997
2023-02-01 15:15:08
veracode
veracode
Deserialization Of Untrusted Data
2023-02-02 06:49:30
cnvd
cnvd
Apache InLong Deserialization Vulnerability (CNVD-2023-25934)
2023-02-06 00:00:00
prion
prion
Deserialization of untrusted data
2023-02-01 15:15:00
github
github
Apache InLong vulnerable to Deserialization of Untrusted Data vulnerability
2023-02-01 15:30:20
nvd
nvd
CVE-2023-24997
2023-02-01 15:15:08