Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit
and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it.
[1] https://github.com/apache/inlong/pull/8628
Metrics
Affected Vendors & Products
References
History
Fri, 27 Sep 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-89 | |
Metrics |
ssvc
|
Fri, 27 Sep 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false records, making it harder to audit and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8628 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8628 |
Weaknesses | CWE-74 |
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-10-16T08:08:01.762Z
Updated: 2024-09-27T11:45:35.203Z
Reserved: 2023-09-21T03:37:46.180Z
Link: CVE-2023-43667
Vulnrichment
Updated: 2024-08-02T19:44:43.908Z
NVD
Status : Modified
Published: 2023-10-16T09:15:10.500
Modified: 2024-11-21T08:24:34.960
Link: CVE-2023-43667
Redhat
No data.