Lucene search
+L

4 matches found

OSV
OSV
added 2023/05/22 4:15 p.m.30 views

CVE-2023-31064

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....

7.5CVSS7AI score0.01247EPSS
Exploits0References1
NVD
NVD
added 2023/05/22 4:15 p.m.47 views

CVE-2023-31064

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....

7.5CVSS7.5AI score0.01247EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/22 3:44 p.m.50 views

CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....

7.7AI score0.01247EPSS
Exploits0References1
CVE
CVE
added 2023/05/22 3:44 p.m.71 views

CVE-2023-31064

CVE-2023-31064 affects Apache InLong 1.2.0–1.6.0. The issue stems from files/directories being accessible to external parties, allowing a user to cancel an application that does not belong to them. The root cause is improper restrictions on the directory path when loading files. Exploitation is p...

7.5CVSS7.4AI score0.01247EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder