Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Apache InLong — Vulnerabilities & Security Advisories 31

All 31 CVE vulnerabilities found in Apache InLong, with AI-generated Chinese analysis, references, and POCs.

This page aggregates Common Weakness Enumeration (CWE) data specifically for the Apache InLong product developed by the Apache Software Foundation. It focuses on security vulnerabilities associated with this distributed data integration platform, providing a centralized view of known issues affecting its components. The collection includes a comprehensive range of vulnerability types, such as cross-site scripting, injection flaws, and improper access control mechanisms, that have been identified within the Apache InLong ecosystem. This dataset covers security issues reported and published over the last several years, ensuring that both recent patches and legacy concerns are accounted for. By aggregating these entries, the page offers a historical perspective on how the product’s security posture has evolved in response to various exploit attempts and code auditing results. Users can utilize this resource to track vendor advisories and monitor how the Apache Software Foundation responds to specific security incidents. The aggregation allows for a deeper understanding of prevalent weakness classes that frequently impact this type of data ingestion and integration software. Furthermore, it enables security professionals and developers to look up the complete vulnerability history of Apache InLong, facilitating risk assessments and ensuring that systems remain protected against known threats. This approach supports proactive security management by highlighting patterns in defects and aiding in the prioritization of remediation efforts for ongoing deployments.

Vendor: Apache Software Foundation

CVE IDTitleCVSSSeverityPublished
CVE-2025-27531 Apache InLong: An arbitrary file read vulnerability for JDBC CWE-502 6.5AIMediumAI2025-06-06
CVE-2025-27528 Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read CWE-502 7.5AIHighAI2025-05-28
CVE-2025-27526 Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass CWE-502 9.8AICriticalAI2025-05-28
CVE-2025-27522 Apache InLong: JDBC Vulnerability during verification processing CWE-502 8.1AIHighAI2025-05-28
CVE-2024-26579 Apache Inlong JDBC Vulnerability CWE-502 9.8AICriticalAI2024-05-08
CVE-2024-26580 Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability CWE-502 9.1AICriticalAI2024-03-06
CVE-2023-51784 Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager CWE-94 9.8AICriticalAI2024-01-03
CVE-2023-51785 Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager CWE-502 7.5AIHighAI2024-01-03
CVE-2023-46227 Apache inlong has an Arbitrary File Read Vulnerability CWE-502 9.8 -2023-10-19
CVE-2023-43666 Apache InLong: General user Unauthorized access User Management CWE-345 6.5 -2023-10-16
CVE-2023-43667 Apache InLong: Log Injection in Global functions CWE-74 5.3 -2023-10-16
CVE-2023-43668 Apache InLong: Jdbc Connection Security Bypass in InLong CWE-639 9.8 -2023-10-16
CVE-2023-35088 Apache InLong: SQL injection in audit endpoint CWE-89 9.8 -2023-07-25
CVE-2023-34434 Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param CWE-502 7.5 -2023-07-25
CVE-2023-34189 Apache InLong: General user can delete and update process CWE-668 9.1 -2023-07-25
CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong CWE-269 8.8 -2023-05-22
CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications CWE-552 6.5 -2023-05-22
CVE-2023-31065 Apache InLong: Insufficient Session Expiration in InLong CWE-613 9.8 -2023-05-22
CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources CWE-552 8.1 -2023-05-22
CVE-2023-31098 Apache InLong: Weak Password Implementation in InLong CWE-521 7.4 -2023-05-22
CVE-2023-31101 Apache InLong: Users who joined later can see the data of deleted users CWE-1188 5.3 -2023-05-22
CVE-2023-31103 Apache InLong: Attackers can change the immutable name and type of cluster CWE-668 8.2 -2023-05-22
CVE-2023-31206 Apache InLong: Attackers can change the immutable name and type of nodes CWE-668 8.2 -2023-05-22
CVE-2023-31453 Apache InLong: IDOR make users can delete others' subscription CWE-732 7.5 -2023-05-22
CVE-2023-31454 Apache InLong: IDOR make users can bind any cluster CWE-732 9.8 -2023-05-22
CVE-2023-31058 Apache InLong: JDBC URL bypassing by adding blanks CWE-502 9.8 -2023-05-22
CVE-2023-30465 Apache InLong: SQL injection in apache inLong 1.5.0 CWE-89 5.3 -2023-04-11
CVE-2023-27296 Apache InLong: JDBC Deserialization Vulnerability in InLong CWE-502 8.8 -2023-03-27
CVE-2023-24997 Apache InLong: Jdbc Connection Security Bypass CWE-502 9.8 -2023-02-01
CVE-2023-24977 Apache InLong: Jdbc Connection causes arbitrary file reading in InLong CWE-125 7.5 -2023-02-01

All 31 known CVE vulnerabilities affecting Apache InLong with full Chinese analysis, references, and POCs where available.