9 matches found
CVE-2024-39928
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
GHSA-6GCH-63WP-4V5F Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928 Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928 Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928
Summary of CVE-2024-39928 (Apache Linkis Spark EngineConn) Affected software: Apache Linkis Spark EngineConn in versions up to 1.5.0 (engine component referenced as EngineConn/Spark EngineConn). Vulnerability: Random string generation for Py4j token uses Commons Lang’s RandomStringUtils, enabling...
PT-2024-28740 · Apache · Spark Engineconn +2
Name of the Vulnerable Software and Affected Versions: Apache Linkis versions 1.3.0 through 1.5.0 Description: A Random string security vulnerability exists in Spark EngineConn, where the random string generated by the Token when starting Py4j uses Commons Lang's RandomStringUtils. Recommendation...