Linkis@* Security Vulnerabilities and Issues — Linkis@* CVE List

Lucene search

ApacheLinkis*

7 matches found

CVE•added 2024/03/06 2:15 p.m.•61 views

CVE-2023-50740

In Apache Linkis

5.3CVSS5.2AI score0.00093EPSS

CVE•added 2024/07/15 8:15 a.m.•58 views

CVE-2023-46801

In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version = 1.8.0_241. Or users upgrade Linkis to version 1.6.0.

8.8CVSS8.9AI score0.02464EPSS

CVE•added 2024/07/15 8:15 a.m.•54 views

CVE-2023-41916

In Apache Linkis =1.4.0, due to the lack of effective filteringof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the...

6.5CVSS6.3AI score0.00252EPSS

CVE•added 2024/09/25 1:15 a.m.•51 views

CVE-2024-39928

In Apache Linkis

7.5CVSS7.5AI score0.002EPSS

CVE•added 2024/07/15 8:15 a.m.•50 views

CVE-2023-49566

In Apache Linkis <=1.5.0, due to the lack of effective filteringof parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. This attack requires the attacker to obt...

8.8CVSS8.8AI score0.00749EPSS

CVE•added 2024/08/02 10:15 a.m.•38 views

CVE-2024-27181

In Apache Linkis

8.8CVSS6.5AI score0.00312EPSS

CVE•added 2024/08/02 10:16 a.m.•36 views

CVE-2024-27182

In Apache Linkis

4.9CVSS6.5AI score0.00384EPSS