Lucene search
ApacheVULNRICHMENT:CVE-2023-50740HistoryMar 06, 2024 - 1:44 p.m.
CVE-2023-50740 Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged
2024-03-0613:44:53
CWE-532
apache
github.com
apache
linkis
datasource
oracle
password
leak
upgrade
In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module.
We recommend users upgrade the version of Linkis to version 1.5.0
CNA Affected
[
{
"vendor": "Apache Software Foundation",
"product": "Apache Linkis DataSource",
"versions": [
{
"status": "affected",
"version": "*",
"lessThan": "1.5.0",
"versionType": "maven"
}
],
"packageName": "org.apache.linkis:linkis-metadata-query-service-jdbc",
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
osv
osv
cve
cve
CVE-2023-50740
2024-03-06 14:15:47
github
github
veracode
veracode
Sensitive Information Disclosure
2024-03-07 11:25:37
nvd
nvd
CVE-2023-50740
2024-03-06 14:15:47
prion
prion
Design/Logic Flaw
2024-03-06 14:15:00
AI Score
7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-50740