Inlong Apache Inlong

Do you want an email whenever new security vulnerabilities are reported in Apache Inlong?

By the Year

In 2023 there have been 2 vulnerabilities in Apache Inlong with an average score of 8.7 out of ten. Last year Inlong had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2023 as compared to last year. Last year, the average CVE base score was greater by 0.15

Year Vulnerabilities Average Score
2023 2 8.65
2022 1 8.80
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Inlong vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Inlong Security Vulnerabilities

Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong:

CVE-2023-24997 9.8 - Critical - February 01, 2023

Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7223 https://github.com/apache/inlong/pull/7223 to solve it.

Marshaling, Unmarshaling

Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0

CVE-2023-24977 7.5 - High - February 01, 2023

Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it.

Out-of-bounds Read

In versions of Apache InLong prior to 1.3.0

CVE-2022-40955 8.8 - High - September 20, 2022

In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the Apache InLong server. Users are advised to upgrade to Apache InLong 1.3.0 or newer.

Marshaling, Unmarshaling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apache Inlong or by Apache? Click the Watch button to subscribe.

Apache
Vendor

Apache Inlong
Product

subscribe