Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache inlong 1.4.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-43668
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize","allowLoadLocalInfile".... . Users ar...
Apache Inlong
9.8
CVSSv3
CVE-2023-35088
Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. In the toAuditCkSql method, the groupId, streamId, audi...
Apache Inlong
9.1
CVSSv3
CVE-2023-31065
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users...
Apache Inlong
9.1
CVSSv3
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advi...
Apache Inlong
7.5
CVSSv3
CVE-2023-46227
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, the attacker can use \t to bypass. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] t...
Apache Inlong
1 Github repository
7.5
CVSSv3
CVE-2023-43667
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, the attacker can create misleading or false records, making it harder to audit and...
Apache Inlong
3 Github repositories
7.5
CVSSv3
CVE-2023-34434
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. The attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to up...
Apache Inlong
7.5
CVSSv3
CVE-2023-31103
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InL...
Apache Inlong
7.5
CVSSv3
CVE-2023-31206
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLon...
Apache Inlong
7.5
CVSSv3
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgra...
Apache Inlong
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »