Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick [2] to solve it. [1]  https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html [2] https://github.com/apache/inlong/pull/7422 https://github.com/apache/inlong/pull/7422
History

Wed, 23 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-03-27T14:10:32.785Z

Updated: 2024-10-23T16:39:30.822Z

Reserved: 2023-02-28T02:47:39.202Z

Link: CVE-2023-27296

cve-icon Vulnrichment

Updated: 2024-08-02T12:09:43.156Z

cve-icon NVD

Status : Modified

Published: 2023-03-27T15:15:08.650

Modified: 2024-11-21T07:52:36.060

Link: CVE-2023-27296

cve-icon Redhat

No data.