Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:47 a.m.7 views

CVE-2023-31058

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5CVSS6.8AI score0.01228EPSS
Exploits0References1
Circl
Circl
added 2023/05/22 4:24 p.m.8 views

CVE-2023-31058

creationtimestamp| type| source ---|---|--- 2023-05-22 16:24:54+00:00| published-proof-of-concept| https://t.me/cibsecurity/64526...

7.5CVSS7.3AI score0.01228EPSS
Exploits0References1
OSV
OSV
added 2023/05/22 1:15 p.m.11 views

CVE-2023-31058

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5CVSS7.1AI score0.01228EPSS
Exploits0References1
NVD
NVD
added 2023/05/22 1:15 p.m.32 views

CVE-2023-31058

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5CVSS7.5AI score0.01228EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/22 12:54 p.m.39 views

CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.7AI score0.01228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/22 12:54 p.m.10 views

CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or...

7.5AI score0.01228EPSS
Exploits0References1
CVE
CVE
added 2023/05/22 12:54 p.m.70 views

CVE-2023-31058

Summary (CVE-2023-31058): Deserialization of untrusted data in Apache InLong (1.4.0–1.6.0) allows attackers to bypass the autoDeserialize filtering by inserting blanks. This can enable unintended behavior as described; no exploitation details are provided here. Impact: high likelihood of bypass o...

7.5CVSS7.5AI score0.01228EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder