org.apache.inlong:manager-pojo
Maven
15 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.inlong:manager-pojo
- CVE-2023-30465 | MEDIUM | CVSS 5.3 | EG 5.3 | ✓ Fixed in 1.6.0 | 2023-04-11
vulnerable: 1.4.0, 1.5.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" par…
- CVE-2023-31058 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.7.0 | 2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users…
- CVE-2023-31062 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 1.7.0 | 2023-05-22
vulnerable: 1.3.0, 1.4.0, 1.5.0, 1.6.0
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be…
- CVE-2023-31065 | CRITICAL | CVSS 9.1 | EG 9.1 | ✓ Fixed in 1.7.0 | 2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the…
- CVE-2023-31098 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 1.47.0 | 2023-05-22
vulnerable: 1.10.0 ... 1.9.0 (8 versions)
Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.1.0 through 1.6.0. When users change their password to a simple password (with any character or symbol), attac…
- CVE-2023-31101 | MEDIUM | CVSS 6.5 | EG 6.5 | ✓ Fixed in 1.7.0 | 2023-05-22
vulnerable: 1.5.0, 1.6.0
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Use…
- CVE-2023-31103 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.7.0 | 2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are …
- CVE-2023-31206 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.7.0 | 2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advi…
- CVE-2023-34434 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.8.0 | 2023-07-25
vulnerable: 1.4.0, 1.5.0, 1.6.0, 1.7.0
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could bypass the current logic and achieve arbitrary file reading. To s…
- CVE-2023-43668 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 1.9.0 | 2023-10-16
vulnerable: 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0
Authorization Bypass Through User-Controlled Key vulnerability in Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.8.0, some sensitive params checks will be bypassed, like "autoDeserizalize","allowLoadLocalInfile"..…
- CVE-2023-46227 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.9.0 | 2023-10-19
vulnerable: 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can use \t to bypass. Users are advised to upgrade to Apache InLong's …
- CVE-2023-51784 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 1.10.0 | 2024-01-03
vulnerable: 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.5.0 through 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong'…
- CVE-2023-51785 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.10.0 | 2024-01-03
vulnerable: 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.7.0 through 1.9.0, the attackers can make an arbitrary file read attack using mysql driver. Users are advised to upgrade to Apache I…
- CVE-2024-26579 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 1.12.0 | 2024-05-08
vulnerable: 1.10.0, 1.11.0, 1.7.0, 1.8.0, 1.9.0
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.7.0 through 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong's 1.12.0 …
- CVE-2025-27522 | MEDIUM | CVSS 6.5 | EG 6.5 | ✓ Fixed in 2.2.0 | 2025-05-28
vulnerable: 1.13.0, 2.0.0, 2.1.0
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache In…