Lucene search
China National Vulnerability DatabaseCNVD-2023-80566HistoryApr 12, 2023 - 12:00 a.m.
Apache Linkis Code Execution Vulnerability (CNVD-2023-80566)
2023-04-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
apache linkis
code execution
vulnerability
remote code execution
jdbc engineconn module
mysql jdbc parameters
Apache Linkis is a library of the U.S. Apache (Apache) Foundation. Helps to easily connect various backend compute/storage engines. A code execution vulnerability exists in Apache Linkis 1.3.1 and earlier versions, which stems from a lack of valid filtered parameters, and can be exploited by an attacker to configure malicious Mysql JDBC parameters in the JDBC EengineConn module, leading to remote code execution.
Related
cve
cve
CVE-2023-29215
2023-04-10 08:15:07
osv
osv
CVE-2023-29215
2023-04-10 08:15:07
Apache Linkis JDBC EngineConn has deserialization vulnerability
2023-04-10 09:30:15
github
github
Apache Linkis JDBC EngineConn has deserialization vulnerability
2023-04-10 09:30:15
prion
prion
Deserialization of untrusted data
2023-04-10 08:15:00
veracode
veracode
Remote Code Execution (RCE)
2023-04-12 05:32:57
cvelist
cvelist
nvd
nvd
CVE-2023-29215
2023-04-10 08:15:07