Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8628
History

Fri, 27 Sep 2024 12:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-89
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 27 Sep 2024 12:00:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false records, making it harder to audit and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8628 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8628
Weaknesses CWE-74

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-10-16T08:08:01.762Z

Updated: 2024-09-27T11:45:35.203Z

Reserved: 2023-09-21T03:37:46.180Z

Link: CVE-2023-43667

cve-icon Vulnrichment

Updated: 2024-08-02T19:44:43.908Z

cve-icon NVD

Status : Modified

Published: 2023-10-16T09:15:10.500

Modified: 2024-11-21T08:24:34.960

Link: CVE-2023-43667

cve-icon Redhat

No data.