QwikSec

Security Database

CVE

CWE

Training

CVE-2025-27526

Published: May 28, 2025

Modified: May 28, 2025

PUBLISHED

Description

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which can lead to JDBC Vulnerability URLEncdoe and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11747

Vendor	Product	Versions
Apache Software Foundation	Apache InLong	affected `1.13 - <= 2.1.0`

Weaknesses (CWE)

References

https://lists.apache.org/thread/4t4sqscm7xdqn883dyjy40qk6ncf26xf

vendor-advisory

https://github.com/apache/inlong/pull/11747

patch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.