Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.6 views

CVE-2024-45627

In Apache Linkis 1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be...

5.9CVSS6.6AI score0.00318EPSS
Exploits0
OSV
OSV
added 2025/01/14 6:31 p.m.8 views

GHSA-8CVQ-3JJP-PH9P Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability

Affected versions: - Apache Linkis Metadata Query Service JDBC 1.5.0 before 1.7.0 Description: In Apache Linkis 1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read...

5.9CVSS5.6AI score0.00318EPSS
Exploits0References4
NVD
NVD
added 2025/01/14 5:15 p.m.17 views

CVE-2024-45627

In Apache Linkis 1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be...

5.9CVSS0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/14 4:13 p.m.13 views

CVE-2024-45627 Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability

In Apache Linkis 1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be...

0.00318EPSS
Exploits0References1
OSV
OSV
added 2024/07/15 9:36 a.m.13 views

GHSA-JJVC-V8GW-5255 Apache Linkis DataSource remote code execution vulnerability

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

7.7CVSS8.9AI score0.01228EPSS
Exploits0References4
OSV
OSV
added 2024/07/15 9:36 a.m.15 views

GHSA-F22J-9J59-33J4 Apache Linkis DataSource allows arbitrary file reading

In Apache Linkis = 1.4.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires...

7.1CVSS6.3AI score0.00728EPSS
Exploits0References5
NVD
NVD
added 2024/07/15 8:15 a.m.45 views

CVE-2023-46801

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

8.8CVSS0.01228EPSS
Exploits0References2
OSV
OSV
added 2024/07/15 8:15 a.m.17 views

CVE-2023-46801

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

8.8CVSS7.7AI score
Exploits0References2
NVD
NVD
added 2024/07/15 8:15 a.m.22 views

CVE-2023-41916

In Apache Linkis =1.4.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires...

6.5CVSS0.00728EPSS
Exploits0References2
CVE
CVE
added 2024/07/15 7:55 a.m.79 views

CVE-2023-46801

Apache Linkis vulnerable to remote code execution in the DataSource MySQL handler for versions = 1.8.0_241 and/or upgrade Linkis to version 1.6.0. If upgrading is not immediately possible, validate and restrict JRMP usage and account privileges to reduce exposure. If exploitation details are not ...

8.8CVSS8.9AI score0.01228EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/15 7:55 a.m.21 views

CVE-2023-46801 Apache Linkis DataSource: DataSource Remote code execution vulnerability

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

7.8AI score0.01228EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/15 7:55 a.m.46 views

CVE-2023-46801 Apache Linkis DataSource: DataSource Remote code execution vulnerability

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

0.01228EPSS
Exploits0References1
CVE
CVE
added 2024/07/15 7:53 a.m.75 views

CVE-2023-41916

CVE-2023-41916 affects Apache Linkis DataSource Manager: inadequate filtering of parameters allows an authorized attacker to configure malicious MySQL JDBC parameters and trigger arbitrary file reads in Linkis

6.5CVSS6.3AI score0.00728EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/13 12:0 a.m.7 views

PT-2024-5102 · Apache · Apache Linkis

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions =1.5.0 Description: The issue is related to the lack of effective filtering of parameters in the DataSource Manager Module of Apache Linkis. This allows an attacker to configure malicious db2 parameters, resulting in jn...

9CVSS7.3AI score0.00845EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/07/13 12:0 a.m.5 views

PT-2024-5100 · Apache · Apache Linkis

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions = 1.8.0 241. For Apache Linkis versions = 1.5.0, upgrade Linkis to version 1.6.0...

9CVSS8AI score0.01228EPSS
Exploits0References11
F5 Networks
F5 Networks
added 2023/02/21 7:54 p.m.63 views

K29146534: SSB Variant 4 vulnerability CVE-2018-3639

Security Advisory Description Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel...

5.5CVSS6.8AI score0.60631EPSS
Exploits2Affected Software19
Rows per page
Query Builder