Lucene search
K

226 matches found

CNNVD
CNNVD
added 2026/01/19 12:0 a.m.9 views

Apache Linkis security vulnerabilities

Apache Linkis is a middleware product developed by the Apache Foundation in the United States. It enables effective connections between upper-level applications and underlying data engines. Versions of Apache Linkis prior to 1.7.0 contain security vulnerabilities. These vulnerabilities stem from...

6.5CVSS5.8AI score0.00403EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.29 views

Apache Linkis security vulnerabilities

Apache Linkis is a middleware product developed by the Apache Foundation in the United States. It enables effective connections between upper-level applications and underlying data engines. Versions of Apache Linkis 1.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem fr...

7.5CVSS5.8AI score0.00744EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.11 views

CVE-2023-29215

In Apache Linkis =1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC...

9.8CVSS7.5AI score0.0212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.6 views

CVE-2023-49566

In Apache Linkis =1.5.0, due to the lack of effective filtering of parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. This attack requires the attacker to obta...

8.8CVSS6.8AI score0.00845EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0482

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.01949EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-0960

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00901EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0550

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01161EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1961

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.00811EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-1393

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.0212EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2023-1378

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.0212EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2332

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00728EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2114

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01808EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-7003

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01747EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-2177

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01996EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.9 views

PT-2025-38621

Name of the Vulnerable Software and Affected Versions Apache Linkis versions 1.3.0 through 1.7.0 Description A flaw exists in Apache Linkis when utilizing the JDBC engine and data source functionality. Multiple rounds of URL encoding applied to the URL parameter configured on the frontend can...

7.5CVSS5.3AI score0.00744EPSS
Exploits0References10
vulnersOsv
vulnersOsv
added 2025/06/19 12:30 p.m.8 views

org.apache.linkis:linkis-engineplugin-seatunnel (>=1.4.0 <=1.8.0), org.apache.seatunnel:connector-console-seatunnel-e2e (>=2.3.0 <=2.3.10) +6 more potentially affected by CVE-2025-32896 via org.apache.seatunnel:seatunnel-engine-common (>=2.3.0-beta <=2.3.10)

org.apache.seatunnel:seatunnel-engine-common MAVEN version =2.3.0-beta, =1.4.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.0, =2.3.10 Source cves: CVE-2025-32896 Source advisory: OSV:GHSA-9X53-GR7P-4QF5...

6.5CVSS7.4AI score0.01063EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.7 views

CVE-2024-39928

In Apache Linkis = 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...

7.5CVSS6.8AI score0.00579EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.4 views

CVE-2024-27182

In Apache Linkis = 1.5.0, Arbitrary file deletion in Basic management services on A user with an administrator account could delete any file accessible by the Linkis system user . Users are recommended to upgrade to version 1.6.0, which fixes this issue...

4.9CVSS6.8AI score0.00737EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:11 a.m.3 views

CVE-2024-27181

In Apache Linkis = 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue...

8.8CVSS6.8AI score0.00664EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.6 views

CVE-2024-45627

In Apache Linkis 1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be...

5.9CVSS6.6AI score0.00318EPSS
Exploits0
Rows per page
Query Builder