Lucene search
ApacheCVELIST:CVE-2023-51785HistoryJan 03, 2024 - 9:36 a.m.
CVE-2023-51785 Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager
2024-01-0309:36:24
CWE-502
apache
www.cve.org
cve-2023-51785
apache inlong
arbitrary file read
deserialization of untrusted data
mysql driver
upgrade
cherry-pick
0.003 Low
EPSS
Percentile
70.7%
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.9.0, the attackersย can make a arbitrary file read attack using mysql driver.ย Users are advised to upgrade to Apache InLongโs 1.10.0 or cherry-pick [1] to solve it.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.9.0",
"status": "affected",
"version": "1.7.0",
"versionType": "semver"
}
]
}
]Related
osv
osv
Apache InLong Manager Arbitrary File Read Vulnerability
2024-01-03 12:30:21
prion
prion
Deserialization of untrusted data
2024-01-03 10:15:00
nvd
nvd
CVE-2023-51785
2024-01-03 10:15:09
cve
cve
CVE-2023-51785
2024-01-03 10:15:09
veracode
veracode
Arbitrary File Read
2024-01-04 12:28:08
github
github
Apache InLong Manager Arbitrary File Read Vulnerability
2024-01-03 12:30:21
cnvd
cnvd
Apache InLong Code Issue Vulnerability (CNVD-2024-08088)
2024-01-09 00:00:00