Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Apache InLong — Vulnerabilities & Security Advisories 31

All 31 CVE vulnerabilities found in Apache InLong, with AI-generated Chinese analysis, references, and POCs.

Vendor: Apache Software Foundation

CVE IDTitleCVSSSeverityPaused
CVE-2025-27531 Apache InLong: An arbitrary file read vulnerability for JDBC CWE-502 6.5AIMediumAI2025-06-06
CVE-2025-27528 Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read CWE-502 7.5AIHighAI2025-05-28
CVE-2025-27526 Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass CWE-502 9.8AICriticalAI2025-05-28
CVE-2025-27522 Apache InLong: JDBC Vulnerability during verification processing CWE-502 8.1AIHighAI2025-05-28
CVE-2024-26579 Apache Inlong JDBC Vulnerability CWE-502 9.8AICriticalAI2024-05-08
CVE-2024-26580 Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability CWE-502 9.1AICriticalAI2024-03-06
CVE-2023-51784 Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager CWE-94 9.8AICriticalAI2024-01-03
CVE-2023-51785 Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager CWE-502 7.5AIHighAI2024-01-03
CVE-2023-46227 Apache inlong has an Arbitrary File Read Vulnerability CWE-502 9.8 -2023-10-19
CVE-2023-43666 Apache InLong: General user Unauthorized access User Management CWE-345 6.5 -2023-10-16
CVE-2023-43667 Apache InLong: Log Injection in Global functions CWE-74 5.3 -2023-10-16
CVE-2023-43668 Apache InLong: Jdbc Connection Security Bypass in InLong CWE-639 9.8 -2023-10-16
CVE-2023-35088 Apache InLong: SQL injection in audit endpoint CWE-89 9.8 -2023-07-25
CVE-2023-34434 Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param CWE-502 7.5 -2023-07-25
CVE-2023-34189 Apache InLong: General user can delete and update process CWE-668 9.1 -2023-07-25
CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong CWE-269 8.8 -2023-05-22
CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications CWE-552 6.5 -2023-05-22
CVE-2023-31065 Apache InLong: Insufficient Session Expiration in InLong CWE-613 9.8 -2023-05-22
CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources CWE-552 8.1 -2023-05-22
CVE-2023-31098 Apache InLong: Weak Password Implementation in InLong CWE-521 7.4 -2023-05-22
CVE-2023-31101 Apache InLong: Users who joined later can see the data of deleted users CWE-1188 5.3 -2023-05-22
CVE-2023-31103 Apache InLong: Attackers can change the immutable name and type of cluster CWE-668 8.2 -2023-05-22
CVE-2023-31206 Apache InLong: Attackers can change the immutable name and type of nodes CWE-668 8.2 -2023-05-22
CVE-2023-31453 Apache InLong: IDOR make users can delete others' subscription CWE-732 7.5 -2023-05-22
CVE-2023-31454 Apache InLong: IDOR make users can bind any cluster CWE-732 9.8 -2023-05-22
CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks CWE-502 9.8 -2023-05-22
CVE-2023-30465 Apache InLong: SQL injection in apache inLong 1.5.0 CWE-89 5.3 -2023-04-11
CVE-2023-27296 Apache InLong: JDBC Deserialization Vulnerability in InLong CWE-502 8.8 -2023-03-27
CVE-2023-24997 Apache InLong: Jdbc Connection Security Bypass CWE-502 9.8 -2023-02-01
CVE-2023-24977 Apache InLong: Jdbc Connection causes arbitrary file reading in InLong CWE-125 7.5 -2023-02-01

All 31 known CVE vulnerabilities affecting Apache InLong with full Chinese analysis, references, and POCs where available.