CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27296 – Apache InLong: JDBC Deserialization Vulnerability in InLong
https://notcve.org/view.php?id=CVE-2023-27296
27 Mar 2023 — Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick [2] to solve it. [1] https://programmer.help/blogs/jdbc-deserialization-vulnerability-learning.html https://programmer.help/blogs/jdbc-deserialization-vulnerabilit... • https://lists.apache.org/thread/xbvtjw9bwzgbo9fp1by8o3p49nf59xzt • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 21%CPEs: 1EXPL: 0CVE-2023-24997 – Apache InLong: Jdbc Connection Security Bypass
https://notcve.org/view.php?id=CVE-2023-24997
01 Feb 2023 — Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to solve it. Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to... • https://lists.apache.org/thread/nxvtxq7oxhwyzo9ty2hqz8rvh5r7ngd8 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24977 – Apache InLong: Jdbc Connection causes arbitrary file reading in InLong
https://notcve.org/view.php?id=CVE-2023-24977
01 Feb 2023 — Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it. Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest versio... • https://lists.apache.org/thread/ggozxorctn3tdll7bgmpwwcbjnd0s6w7 • CWE-125: Out-of-bounds Read •