Lucene search
ApacheCVELIST:CVE-2023-31206HistoryMay 22, 2023 - 1:58 p.m.
CVE-2023-31206 Apache InLong: Attackers can change the immutable name and type of nodes
2023-05-2213:58:19
CWE-668
apache
www.cve.org
3
apache inlong
attackers
resource exposure
vulnerability
apache software foundation
upgrade
EPSS
0.002
Percentile
61.1%
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0.Β Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLongβs 1.7.0 or cherry-pick [1] to solve it.
[1] https://cveprocess.apache.org/cve5/[1]Β https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.6.0",
"status": "affected",
"version": "1.4.0",
"versionType": "semver"
}
]
}
]Related
osv
osv
CVE-2023-31206
2023-05-22 14:15:09
Apache InLong Exposure of Resource to Wrong Sphere vulnerability
2023-07-06 21:14:59
huntr
huntr
attack can change the immutable name and type of nodes
2023-04-17 08:43:32
github
github
Apache InLong Exposure of Resource to Wrong Sphere vulnerability
2023-07-06 21:14:59
prion
prion
Design/Logic Flaw
2023-05-22 14:15:00
cve
cve
CVE-2023-31206
2023-05-22 14:15:09
cnvd
cnvd
Apache InLong Security Bypass Vulnerability (CNVD-2023-42958)
2023-05-28 00:00:00
nvd
nvd
CVE-2023-31206
2023-05-22 14:15:09