漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache InLong: Jdbc Connection Security Bypass in InLong
Vulnerability Description
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize","allowLoadLocalInfile".... . Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8604
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Apache InLong 代码问题漏洞
Vulnerability Description
Apache InLong是美国阿帕奇(Apache)基金会的一站式的海量数据集成框架。提供自动化、安全、可靠的数据传输能力。 Apache InLong 1.4.0 到 1.8.0版本存在代码问题漏洞,该漏洞源于一些敏感参数检查可以被绕过,攻击者利用该漏洞可以进行授权绕过。
CVSS Information
N/A
Vulnerability Type
N/A