Lucene search
GoogleOSV:GHSA-JJ32-3PF5-5MV5HistoryOct 19, 2023 - 12:30 p.m.
Apache InLong Deserialization of Untrusted Data Vulnerability
2023-10-1912:30:23
Google
osv.dev
5
apache inlong
vulnerability
deserialization
untrusted data
upgrade
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
45.7%
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.
This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can use \t to bypass.Β Users are advised to upgrade to Apache InLongβs 1.9.0 or cherry-pick [1] to solve it.
Related
vulnrichment
vulnrichment
CVE-2023-46227 Apache inlong has an Arbitrary File Read Vulnerability
2023-10-19 09:40:46
prion
prion
Deserialization of untrusted data
2023-10-19 10:15:00
cvelist
cvelist
CVE-2023-46227 Apache inlong has an Arbitrary File Read Vulnerability
2023-10-19 09:40:46
veracode
veracode
Deserialization Of Untrusted Data
2023-10-23 09:42:50
nvd
nvd
CVE-2023-46227
2023-10-19 10:15:10
github
github
Apache InLong Deserialization of Untrusted Data Vulnerability
2023-10-19 12:30:23
osv
osv
CVE-2023-46227
2023-10-19 10:15:10
cnvd
cnvd
Apache InLong Deserialization Vulnerability (CNVD-2023-93323)
2023-10-23 00:00:00
cve
cve
CVE-2023-46227
2023-10-19 10:15:10
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
45.7%
Related for OSV:GHSA-JJ32-3PF5-5MV5