All 8 CVE vulnerabilities found in Apache Linkis, with AI-generated Chinese analysis, references, and POCs.
Vendor: Apache Software Foundation
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-59355 | Apache Linkis: Password Exposure CWE-532 | 7.5AI | HighAI | 2026-01-19 |
| CVE-2025-29847 | Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass CWE-20 | 7.5AI | HighAI | 2026-01-19 |
| CVE-2023-29216 | Apache Linkis DatasourceManager module has a deserialization command execution CWE-502 | 9.8 | - | 2023-04-10 |
| CVE-2023-27987 | Apache Linkis gateway module token authentication bypass CWE-326 | 9.1 | - | 2023-04-10 |
| CVE-2023-27603 | Apache Linkis Mangaer module engineConn material upload exists Zip Slip issue CWE-22 | 9.8 | - | 2023-04-10 |
| CVE-2023-27602 | Apache Linkis publicsercice module unrestricted upload of file CWE-434 | 9.8 | - | 2023-04-10 |
| CVE-2023-29215 | Apache Linkis JDBC EngineCon has a deserialization command execution CWE-502 | 9.8 | - | 2023-04-10 |
| CVE-2022-39944 | The Apache Linkis JDBC EngineConn module has a RCE Vulnerability | 8.8 | - | 2022-10-26 |
All 8 known CVE vulnerabilities affecting Apache Linkis with full Chinese analysis, references, and POCs where available.