Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache inlong vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-51784
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.5.0 up to and including 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or che...
Apache Inlong
9.8
CVSSv3
CVE-2023-43668
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize","allowLoadLocalInfile".... . Users ar...
Apache Inlong
9.8
CVSSv3
CVE-2023-35088
Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. In the toAuditCkSql method, the groupId, streamId, audi...
Apache Inlong
9.8
CVSSv3
CVE-2023-31062
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by se...
Apache Inlong
9.8
CVSSv3
CVE-2023-31098
Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 up to and including 1.6.0. When users change their password to a simple password (with any character or symbol), attackers can easily guess the user...
Apache Inlong
9.8
CVSSv3
CVE-2023-24997
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 up to and including 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/...
Apache Inlong
9.1
CVSSv3
CVE-2023-31065
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users...
Apache Inlong
9.1
CVSSv3
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advi...
Apache Inlong
8.8
CVSSv3
CVE-2023-27296
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 up to and including 1.5....
Apache Inlong
8.8
CVSSv3
CVE-2022-40955
In versions of Apache InLong before 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execu...
Apache Inlong
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »