PT-2023-29914 · Apache · Apache Inlong
S3Gundo +2 · Published 2023-10-19 · Updated 2024-09-12 · CVE-2023-46227
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Apache InLong versions 1.4.0 through 1.8.0
Description
This issue is related to the deserialization of untrusted data, allowing an attacker to bypass security measures using t. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited.
Technical details about exploitation include the use of t to bypass security. No specific API endpoints, vulnerable parameters, or function names are mentioned.
Recommendations
For Apache InLong versions 1.4.0 through 1.8.0, users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick the solution from the provided GitHub link to solve the issue. As a temporary workaround, consider restricting the deserialization of untrusted data until a patch is available.
Fix
Deserialization of Untrusted Data
Weakness Enumeration
Related Identifiers
Affected Products
Apache Inlong