org.apache.inlong:manager-web

Maven7 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.apache.inlong:manager-webpage 1 of 1

CVE-2023-31062CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.2.0-incubating, 1.3.0, 1.4.0, 1.5.0, 1.6.0
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be…
CVE-2023-31065CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the…
CVE-2023-31066CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others…
CVE-2023-31101MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.5.0, 1.6.0
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Use…
CVE-2023-31103HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are …
CVE-2023-31206HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.4.0, 1.5.0, 1.6.0
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advi…
CVE-2023-31453HIGHCVSS 7.5EG 7.5✓ Fixed in 1.7.0
2023-05-22
vulnerable: 1.2.0-incubating, 1.3.0, 1.4.0, 1.5.0, 1.6.0
Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are no…

Check whether org.apache.inlong:manager-web is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.inlong:manager-web CVEs against the assets you own.

Start Free Scan →