434 matches found
The vulnerability of the JDBC platform integration data processing server Apache InLong’s URL address handler allows a attacker to execute arbitrary code.
The vulnerability of the JDBC URL connection handler of the Apache InLong data integration platform is related to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Apache InLong Deserialization Vulnerability
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.3.0, which arises from unsafe deserialization of...
Remote Code Execution
org.apache.inlong:sort-connector-jdbc is vulnerable to remote code execution. A remote attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database is able to upload and execute malicious code on server by misusing data...
org.apache.inlong.agent-common.1.11.0.inlong1.11.org.apache.inlong:agent-common (=1.11.0), org.apache.inlong:agent-common (>=1.0.0-incubating <=1.13.0) +83 more potentially affected by CVE-2022-40955 via org.apache.inlong:inlong-common (>=0.9.0-incubating <=1.2.0-incubating)
org.apache.inlong:inlong-common MAVEN version =0.9.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.12.0, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.12.0, =1.0.0-incubating, =1.0.0-incubating, =1.1.0-incubating,...
Apache InLong vulnerable to Deserialization of Untrusted Data
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
GHSA-26M4-QJP9-XMC6 Apache InLong vulnerable to Deserialization of Untrusted Data
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
CVE-2022-40955
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
CVE-2022-40955
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
Remote code execution
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
CVE-2022-40955 Deserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBC
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
CVE-2022-40955 Deserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBC
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the...
CVE-2022-40955
CVE-2022-40955 affects Apache InLong, prior to version 1.3.0. The vulnerability arises from unsafe deserialization of data received via the MySQL JDBC connection URL parameters, allowing an attacker with privileges to supply these parameters and write arbitrary data to the MySQL database to cause...
Apache InLong 代码问题漏洞
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.3.0, which arises from unsafe deserialization of...
PT-2022-4972 · Apache · Apache Inlong
Name of the Vulnerable Software and Affected Versions: Apache InLong versions prior to 1.3.0 Description: The issue is related to the deserialization of untrusted data in the MySQL JDBC connection URL parameters, potentially leading to Remote Code Execution on the Apache InLong server. An attacke...