GHSA-h79m-5cm2-278c

Source

https://github.com/advisories/GHSA-h79m-5cm2-278c

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-h79m-5cm2-278c/GHSA-h79m-5cm2-278c.json

Aliases

CVE-2023-31101

Published

2023-05-22T18:30:27Z

Modified

2024-02-16T08:02:59.770920Z

Details

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 to solve it.

References

Affected packages

Maven / org.apache.inlong:manager-dao

Package

Name: org.apache.inlong:manager-dao

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.5.0

Fixed

1.7.0

Affected versions

1.*

1.5.0

1.6.0

Maven / org.apache.inlong:manager-pojo

Package

Name: org.apache.inlong:manager-pojo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.5.0

Fixed

1.7.0

Affected versions

1.*

1.5.0

1.6.0

Maven / org.apache.inlong:manager-service

Package

Name: org.apache.inlong:manager-service

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.5.0

Fixed

1.7.0

Affected versions

1.*

1.5.0

1.6.0

Maven / org.apache.inlong:manager-web

Package

Name: org.apache.inlong:manager-web

Affected ranges

Type: ECOSYSTEM
Events: Introduced

1.5.0

Fixed

1.7.0

Affected versions

1.*

1.5.0

1.6.0