PT-2023-9156 · Apache · Apache Inlong

X1R0Z

Publicado

2023-11-23

Atualizado

2025-05-16

CVE-2023-51784

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apache InLong versions 1.5.0 through 1.9.0

Description The issue is related to an Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong, which could lead to Remote Code Execution. This vulnerability affects Apache InLong versions from 1.5.0 through 1.9.0.

Recommendations To solve the issue, users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick the solution provided in https://github.com/apache/inlong/pull/9329.

Correção

RCE

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

BDU:2024-04253

CVE-2023-51784

GHSA-9XG9-HH45-XCM6

Produtos afetados

Apache Inlong

PT-2023-9156 · Apache · Apache Inlong

CVE-2023-51784

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 20