Lucene search
Veracode Vulnerability DatabaseVERACODE:39082HistoryFeb 02, 2023 - 6:49 a.m.
Deserialization Of Untrusted Data
2023-02-0206:49:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
deserialization untrusted data
mysqlsinkdto vulnerability
user input control
EPSS
0.079
Percentile
94.4%
manager-pojo is vulnerable to Deserialization Of Untrusted Data. The vulnerability exists because the filterSensitive function of MySQLSinkDTO.java does not properly decode the user input MySQL JDBC URLs, allowing an attacker to control the current state or the flow of the execution.
Related
cve
cve
CVE-2023-24997
2023-02-01 15:15:08
osv
osv
CVE-2023-24997
2023-02-01 15:15:08
Apache InLong vulnerable to Deserialization of Untrusted Data vulnerability
2023-02-01 15:30:20
cvelist
cvelist
CVE-2023-24997 Apache InLong: Jdbc Connection Security Bypass
2023-02-01 14:49:44
cnvd
cnvd
Apache InLong Deserialization Vulnerability (CNVD-2023-25934)
2023-02-06 00:00:00
prion
prion
Deserialization of untrusted data
2023-02-01 15:15:00
github
github
Apache InLong vulnerable to Deserialization of Untrusted Data vulnerability
2023-02-01 15:30:20
nvd
nvd
CVE-2023-24997
2023-02-01 15:15:08