Lucene search
HistoryOct 19, 2023 - 10:15 a.m.
CVE-2023-46227
apache inlong
deserialization
vulnerability
upgrade
security
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
45.7%
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.
This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can use \t to bypass.Β Users are advised to upgrade to Apache InLongβs 1.9.0 or cherry-pick [1] to solve it.
Affected configurations
Node
apacheinlongRange1.4.0β1.9.0
Related
vulnrichment
vulnrichment
CVE-2023-46227 Apache inlong has an Arbitrary File Read Vulnerability
2023-10-19 09:40:46
osv
osv
Apache InLong Deserialization of Untrusted Data Vulnerability
2023-10-19 12:30:23
CVE-2023-46227
2023-10-19 10:15:10
prion
prion
Deserialization of untrusted data
2023-10-19 10:15:00
cvelist
cvelist
CVE-2023-46227 Apache inlong has an Arbitrary File Read Vulnerability
2023-10-19 09:40:46
veracode
veracode
Deserialization Of Untrusted Data
2023-10-23 09:42:50
cnvd
cnvd
Apache InLong Deserialization Vulnerability (CNVD-2023-93323)
2023-10-23 00:00:00
github
github
Apache InLong Deserialization of Untrusted Data Vulnerability
2023-10-19 12:30:23
cve
cve
CVE-2023-46227
2023-10-19 10:15:10
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
45.7%
Related for NVD:CVE-2023-46227