Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-46227

Published: 19/10/2023 Updated: 25/10/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Inlong

Vulnerability Summary

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 up to and including 1.8.0, the attacker can use \t to bypass. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] github.com/apache/inlong/pull/8814

Vulnerable Product Search on Vulmon Subscribe to Product

apache inlong

Github Repositories

https://github.com/Snakinya/Snakinya

Student/CTFer 👋 🌄 苍山负雪,明烛天南 😃 Snakinya 😭 Web Security / Java Security /Network Security 🏚️ Blog:wwwsnakintop Some of my CVEs: CVE-2023-51770(Apache DolphinScheduler) CVE-2023-46227(Apache Inlong) CVE-2023-41578(Jeecg-boot) CVE-2023-42268(Jeecg-boot)

References

CWE-502https://lists.apache.org/thread/m8txor4f76tmrxksrmc87tw42g57nz33https://nvd.nist.govhttps://github.com/Snakinya/Snakinya
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook