Apache Inlong
By the Year
In 2023 there have been 2 vulnerabilities in Apache Inlong with an average score of 8.7 out of ten. Last year Inlong had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2023 as compared to last year. Last year, the average CVE base score was greater by 0.15
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 2 | 8.65 |
| 2022 | 1 | 8.80 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Inlong vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Inlong Security Vulnerabilities
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong:
CVE-2023-24997
9.8 - Critical
- February 01, 2023
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to solve it.
Marshaling, Unmarshaling
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0
CVE-2023-24977
7.5 - High
- February 01, 2023
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it.
Out-of-bounds Read
In versions of Apache InLong prior to 1.3.0
CVE-2022-40955
8.8 - High
- September 20, 2022
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the Apache InLong server. Users are advised to upgrade to Apache InLong 1.3.0 or newer.
Marshaling, Unmarshaling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Inlong or by Apache? Click the Watch button to subscribe.
