CVE-2023-34189

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-34189

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34189.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-34189

Aliases

GHSA-86pw-4rqp-6x7v

Withdrawn

2024-05-15T05:32:58.237189Z

Published

2023-07-25T08:15:10Z

Modified

2023-11-08T04:12:44.663432Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences.

Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it.

References

Affected packages

Git / github.com/apache/inlong

Affected ranges

Type: GIT
Repo: https://github.com/apache/inlong
Events: Introduced

8c8145974548568a68bb81720cabdafbefe545be

Last affected

d0f950e25646cb9d51fb2d84f4975a0479dce8df