Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache inlong vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2023-31065
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users...
Apache Inlong
9.8
CVSSv3
CVE-2023-31098
Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 up to and including 1.6.0. When users change their password to a simple password (with any character or symbol), attackers can easily guess the user...
Apache Inlong
6.5
CVSSv3
CVE-2023-34189
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrenc...
Apache Inlong
8.8
CVSSv3
CVE-2023-27296
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 up to and including 1.5....
Apache Inlong
8.8
CVSSv3
CVE-2022-40955
In versions of Apache InLong before 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execu...
Apache Inlong
9.8
CVSSv3
CVE-2023-51784
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.5.0 up to and including 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or che...
Apache Inlong
7.5
CVSSv3
CVE-2023-51785
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 up to and including 1.9.0, the attackers can make a arbitrary file read attack using mysql driver. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-p...
Apache Inlong
6.5
CVSSv3
CVE-2023-43666
Insufficient Verification of Data Authenticity vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, General user can view all user data like Admin account. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick ...
Apache Inlong
7.5
CVSSv3
CVE-2023-43667
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, the attacker can create misleading or false records, making it harder to audit and...
Apache Inlong
3 Github repositories
9.8
CVSSv3
CVE-2023-43668
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize","allowLoadLocalInfile".... . Users ar...
Apache Inlong
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »