2 matches found
CVE-2024-36268 Apache InLong TubeMQ Client: Remote Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.13.0 or cherry-pick 1 to solve it. 1 ...
CVE-2024-36268
Summary: Apache InLong versions 1.10.0–1.12.0 are affected by a Code Injection vulnerability that could enable Remote Code Execution. The root cause is improper control of code generation. Impact is described as remote execution with potential abuse of affected components (e.g., TubeMQ client). A...