Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheLinkis

2 matches found

CVE
CVEadded 2023/01/31 10:15 a.m.58 views

CVE-2022-44644

In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should b...

6.5CVSS6.2AI score0.00113EPSS
CVE
CVEadded 2024/07/15 8:15 a.m.55 views

CVE-2023-41916

In Apache Linkis =1.4.0, due to the lack of effective filteringof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the...

6.5CVSS6.3AI score0.00171EPSS