漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache InLong TubeMQ Client: Remote Code Execution vulnerability
Vulnerability Description
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.13.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/10251
CVSS Information
N/A
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Apache InLong 代码注入漏洞
Vulnerability Description
Apache InLong是美国阿帕奇(Apache)基金会的一站式的海量数据集成框架。提供自动化、安全、可靠的数据传输能力。 Apache InLong 1.10.0 版本至 1.12.0 版本存在代码注入漏洞,该漏洞源于包含一个代码注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A