3 matches found
CVE-2023-29216 Apache Linkis DatasourceManager module has a deserialization command execution
In Apache Linkis =1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis = 1.3.0...
CVE-2023-29216
In Apache Linkis, the DatasourceManager module (<=1.3.1) suffers a deserialization vulnerability caused by unfiltered parameters, enabling an attacker to configure a new data source via the MySQL data source and trigger remote code execution. Affected versions: Linkis 1.3.1 and earlier (
CVE-2023-29216 Apache Linkis DatasourceManager module has a deserialization command execution
In Apache Linkis =1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis = 1.3.0...