CVE-2023-31101

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-31101

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31101.json

Aliases

GHSA-h79m-5cm2-278c

Published

2023-05-22T16:15:10Z

Modified

2023-11-29T09:57:26.189564Z

Details

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.

References

https://lists.apache.org/thread/shvwwr6toqz5rr39rwh4k03z08sh9jmr

Affected packages

Git / github.com/apache/inlong

Affected ranges

Type: GIT
Repo: https://github.com/apache/inlong
Events: Introduced

0The exact introduced commit is unknown

Last affected

9bd8781f32a151900feb2345580b858d6a1c0229

Last affected

ed0b5d520abc9cfe87501eb22f624eef9ae323e9

Affected versions

0.*

0.9.0-incubating-RC1

1.*

1.5.0-RC0

1.6.0-RC0