org.apache.inlong:manager-service
Maven10 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.inlong:manager-servicepage 1 of 1
- CVE-2023-30465MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.6.02023-04-11
vulnerable: 1.4.0, 1.5.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" par…
- CVE-2023-31062CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.7.02023-05-22
vulnerable: 1.2.0-incubating, 1.3.0, 1.4.0, 1.5.0, 1.6.0
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be…
- CVE-2023-31065CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.7.02023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the…
- CVE-2023-31066CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.7.02023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others…
- CVE-2023-31101MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.7.02023-05-22
vulnerable: 1.5.0, 1.6.0
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Use…
- CVE-2023-31103HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.02023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are …
- CVE-2023-31206HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.02023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advi…
- CVE-2023-31453HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.02023-05-22
vulnerable: 1.2.0-incubating, 1.3.0, 1.4.0, 1.5.0, 1.6.0
Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are no…
- CVE-2023-31454HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.02023-05-22
vulnerable: 1.2.0-incubating, 1.3.0, 1.4.0, 1.5.0, 1.6.0
Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can bind any cluster, even if he is not the cluster…
- CVE-2023-35088CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.8.02023-07-25
vulnerable: 1.4.0, 1.5.0, 1.6.0, 1.7.0
Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. In the toAuditCkSql method, the gr…
Check whether org.apache.inlong:manager-service is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.inlong:manager-service CVEs against the assets you own.
Start Free Scan →