QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-31058

Back to search

CVE-2023-31058

Published: May 22, 2023

Modified: Oct 10, 2024

PUBLISHED

Description

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick  https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 to solve it.

VendorProductVersions

Apache Software Foundation

Apache InLong

affected
1.4.0 - <= 1.6.0

Weaknesses (CWE)

CWE-502

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now