CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27182 – Apache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability
https://notcve.org/view.php?id=CVE-2024-27182
In Apache Linkis <= 1.5.0, Arbitrary file deletion in Basic management services on A user with an administrator account could delete any file accessible by the Linkis system user . Users are recommended to upgrade to version 1.6.0, which fixes this issue. • https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27181 – Apache Linkis Basic management services: Privilege Escalation Attack vulnerability
https://notcve.org/view.php?id=CVE-2024-27181
In Apache Linkis <= 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue. • https://lists.apache.org/thread/hosd73l7hxb3rpt5rb0yg0ld11zph4c6 • CWE-269: Improper Privilege Management •