Lucene search
ApacheCVELIST:CVE-2023-31066HistoryMay 22, 2023 - 3:35 p.m.
CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources
2023-05-2215:35:41
CWE-552
apache
www.cve.org
cve-2023-31066
apache inlong
insecure direct object references
external parties vulnerability
apache software foundation
upgrade
cherry-pick
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong couldΒ delete, edit, stop, and start othersβ sources!Β Users are advised to upgrade to Apache InLongβs 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 https://github.com/apache/inlong/pull/7775 to solve it.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.6.0",
"status": "affected",
"version": "1.4.0",
"versionType": "semver"
}
]
}
]Related
huntr
huntr
IDOR make one user can stop, start , delete, edit others' source
2023-04-02 07:00:31
osv
osv
Apache InLong has Files or Directories Accessible to External Parties in Apache InLong
2023-07-06 21:14:59
CVE-2023-31066
2023-05-22 16:15:10
prion
prion
Xxe
2023-05-22 16:15:00
cve
cve
CVE-2023-31066
2023-05-22 16:15:10
cnvd
cnvd
Apache InLong Security Bypass Vulnerability (CNVD-2023-42961)
2023-05-28 00:00:00
nvd
nvd
CVE-2023-31066
2023-05-22 16:15:10
veracode
veracode
Insecure Direct Object References (IDOR)
2023-05-26 02:15:32
github
github