Apache Inlong Deserialization of Untrusted Data vulnerability

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.7.0 through 1.11.0. The attackers can bypass using malicious parameters.

Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick [1], [2] to solve it.

[1] apache/inlong#9694

[2] apache/inlong#9707

References

Published by the National Vulnerability Database May 8, 2024

Published to the GitHub Advisory Database May 8, 2024

Reviewed May 8, 2024

Last updated May 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package

Affected versions

Patched versions

Description

References

Severity

EPSS score

Weaknesses

CVE ID

GHSA ID

Source code