GHSA-f475-jgg3-3jwc
Suggest an improvement- Source
- https://github.com/advisories/GHSA-f475-jgg3-3jwc
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-f475-jgg3-3jwc/GHSA-f475-jgg3-3jwc.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-f475-jgg3-3jwc
- Aliases
- Published
- 2023-07-06T21:14:59Z
- Modified
- 2024-02-16T08:06:15.982771Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- Apache InLong Exposure of Resource to Wrong Sphere vulnerability
- Details
-
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 to solve it.
- Database specific
{ "nvd_published_at": "2023-05-22T14:15:09Z", "cwe_ids": [ "CWE-668" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-07-06T23:40:45Z" }- References
Affected packages
Maven / org.apache.inlong:manager-pojo
Package
- Name
- org.apache.inlong:manager-pojo
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.inlong/manager-pojo
Maven / org.apache.inlong:manager-dao
Package
- Name
- org.apache.inlong:manager-dao
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.inlong/manager-dao
Maven / org.apache.inlong:manager-service
Package
- Name
- org.apache.inlong:manager-service
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.inlong/manager-service
Maven / org.apache.inlong:manager-test
Package
- Name
- org.apache.inlong:manager-test
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.inlong/manager-test
Maven / org.apache.inlong:manager-web
Package
- Name
- org.apache.inlong:manager-web
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.inlong/manager-web