4 matches found
CVE-2023-27602
In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...
CVE-2023-27602
Summary: CVE-2023-27602 affects Apache Linkis <= 1.3.1, where the PublicService module allows uploading files without restrictions on path or type. This may enable arbitrary file uploads and, per CNVD, could lead to remote code execution. Impact (as stated): Potential total impact via arbitrar...
CVE-2023-27602 Apache Linkis publicsercice module unrestricted upload of file
In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...
CVE-2023-27602 Apache Linkis publicsercice module unrestricted upload of file
In Apache Linkis =1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2. For versions =1.3.1, we suggest turning on the file path check switch in linkis.properties...