Apache Linkis Code Execution Vulnerability (CNVD-2023-80566)

Apache Linkis is a library of the U.S. Apache Apache Foundation. Helps to easily connect various backend compute/storage engines. A code execution vulnerability exists in Apache Linkis 1.3.1 and earlier versions, which stems from a lack of valid filtered parameters, and can be exploited by an...

GHSA-QM2H-M799-86RC Apache Linkis JDBC EngineConn has deserialization vulnerability

In Apache Linkis =1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EngineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC U...

Apache Linkis JDBC EngineConn has deserialization vulnerability

In Apache Linkis =1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EngineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC U...

CVE-2022-39944 The Apache Linkis JDBC EngineConn module has a RCE Vulnerability

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...