org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27526 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27526 Source advisory: OSV:GHSA-532X-J9R7-8F73...

org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27522 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27522 Source advisory: OSV:GHSA-R324-VGR5-73C9...

org.apache.inlong:manager-client (>=1.1.0-incubating <=2.1.0), org.apache.inlong:manager-client-examples (>=1.1.0-incubating <=2.1.0) +3 more potentially affected by CVE-2025-27526 via org.apache.inlong:manager-common (>=1.13.0 <=2.1.0)

org.apache.inlong:manager-common MAVEN version =1.13.0, =1.1.0-incubating, =1.1.0-incubating, =1.1.0-incubating, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27526 Source advisory: SNYK:JAVA-ORGAPACHEINLONG-10255359...

Improper Handling of Invalid Use of Special Elements

Overview Affected versions of this package are vulnerable to Improper Handling of Invalid Use of Special Elements through the JDBC interface. An attacker can read arbitrary files by inserting special characters into JDBC URL and potentially access or modify data without proper authorisation...

org.apache.inlong:manager-client (>=1.7.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.7.0 <=2.1.0) +2 more potentially affected by CVE-2024-26579 +1 more via org.apache.inlong:manager-pojo (>=1.7.0 <=2.1.0)

org.apache.inlong:manager-pojo MAVEN version =1.7.0, =1.7.0, =1.7.0, =1.7.0, =2.0.0, =2.1.0 Source cves: CVE-2024-26579, CVE-2025-27522 Source advisory: SNYK:JAVA-ORGAPACHEINLONG-10255181...

Improper Handling of Unicode Encoding

Overview Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding through the JDBC verification process. An attacker can manipulate the application behaviour by injecting malicious data into serialised objects. Note: This is a bypass for the vulnerability previous...

The vulnerability of the `updateAuditSource` method in the Manager component of the Apache InLong data integration platform allows a perpetrator to execute arbitrary code.

The vulnerability of the updateAuditSource method in the Manager component of the Apache InLong integration platform is related to improper code generation management. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

Deserialization Of Untrusted Data

org.apache.inlong/inlong-manager is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of user-supplied input in AuditServiceImpl.java. The attacker can read arbitrary files by exploiting this vulnerability...

org.apache.inlong:manager-client (>=1.4.0 <=1.7.0), org.apache.inlong:manager-client-examples (>=1.4.0 <=1.7.0) +2 more potentially affected by CVE-2023-46227 via org.apache.inlong:manager-common (>=1.4.0 <=1.7.0)

org.apache.inlong:manager-common MAVEN version =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.7.0 Source cves: CVE-2023-46227 Source advisory: OSV:GHSA-JJ32-3PF5-5MV5...

org.apache.inlong:manager-client (>=1.4.0 <=1.6.0), org.apache.inlong:manager-client-examples (>=1.4.0 <=1.6.0) +2 more potentially affected by CVE-2023-31058 via org.apache.inlong:manager-common (>=1.4.0 <=1.6.0)

org.apache.inlong:manager-common MAVEN version =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.6.0 Source cves: CVE-2023-31058 Source advisory: OSV:GHSA-C3RH-F2W5-FGHM...