📦 InLong

by Apache


🛡️ Security Overview


⚠️ Known Vulnerabilities

CVE-2025-27531

CRITICAL CVSS 9.8 Jun 6, 2025

This vulnerability allows authenticated attackers to read arbitrary files on Apache InLong servers through a deserialization flaw. It affects Apache InLong versions from 1.13.0 up to (but not includin...

CVE-2025-27528

CRITICAL CVSS 9.1 May 28, 2025

This vulnerability allows attackers to exploit insecure deserialization in Apache InLong's JDBC component, enabling arbitrary file reading on affected systems. It affects Apache InLong versions 1.13.0...

CVE-2024-36268

CRITICAL CVSS 9.8 Aug 2, 2024

This CVE describes a code injection vulnerability in Apache InLong that allows attackers to execute arbitrary code remotely. It affects Apache InLong versions 1.10.0 through 1.12.0, potentially impact...

CVE-2024-26579

CRITICAL CVSS 9.8 May 8, 2024

This CVE describes a deserialization vulnerability in Apache InLong that allows attackers to bypass security controls using malicious parameters. Attackers could potentially execute arbitrary code on ...

CVE-2024-26580

CRITICAL CVSS 9.1 Mar 6, 2024

This CVE describes a deserialization vulnerability in Apache InLong that allows attackers to read arbitrary files from the server. The vulnerability affects Apache InLong versions 1.8.0 through 1.10.0...

CVE-2023-51784

CRITICAL CVSS 9.8 Jan 3, 2024

This CVE describes a code injection vulnerability in Apache InLong that allows attackers to execute arbitrary code remotely. It affects Apache InLong versions 1.5.0 through 1.9.0, potentially leading ...

CVE-2023-43668

CRITICAL CVSS 9.8 Oct 16, 2023

CVE-2023-43668 is an authorization bypass vulnerability in Apache InLong that allows attackers to manipulate user-controlled parameters to bypass security checks for sensitive settings like autoDeseri...

CVE-2023-35088

CRITICAL CVSS 9.8 Jul 25, 2023

This CVE describes an SQL injection vulnerability in Apache InLong's toAuditCkSql method where user-controlled parameters (groupId, streamId, auditId, dt) are directly concatenated into SQL queries wi...

CVE-2023-31098

CRITICAL CVSS 9.8 May 22, 2023

Apache InLong versions 1.1.0 through 1.6.0 have weak password requirements that allow users to set simple passwords. Attackers can easily guess these passwords and gain unauthorized access to user acc...

CVE-2023-31065

CRITICAL CVSS 9.1 May 22, 2023

This CVE describes an Insufficient Session Expiration vulnerability in Apache InLong where old sessions remain valid even after user deletion or password changes. Attackers can hijack these sessions t...

CVE-2023-31062

CRITICAL CVSS 9.8 May 22, 2023

This vulnerability allows attackers with valid unprivileged accounts to escalate privileges in Apache InLong. By intercepting login requests and reusing session cookies in subsequent HTTP requests, at...

CVE-2023-46227

HIGH CVSS 7.5 Oct 19, 2023

This vulnerability allows attackers to bypass security controls in Apache InLong by using tab characters to exploit a deserialization flaw. It affects all Apache InLong deployments running versions 1....

CVE-2023-43667

HIGH CVSS 7.5 Oct 16, 2023

This CVE describes a log injection vulnerability in Apache InLong that allows attackers to inject malicious content into log files. This affects Apache InLong versions 1.4.0 through 1.8.0, potentially...

CVE-2023-34434

HIGH CVSS 7.5 Jul 25, 2023

This CVE describes a deserialization vulnerability in Apache InLong that allows attackers to bypass security controls and read arbitrary files. It affects Apache InLong versions 1.4.0 through 1.7.0. O...

CVE-2023-31103

HIGH CVSS 7.5 May 22, 2023

This vulnerability allows attackers to modify the immutable name and type of clusters in Apache InLong, potentially enabling unauthorized configuration changes. It affects Apache InLong versions 1.4.0...

CVE-2023-31453

HIGH CVSS 7.5 May 22, 2023

This vulnerability in Apache InLong allows attackers to delete other users' subscriptions without proper authorization. It affects Apache InLong versions 1.2.0 through 1.6.0, potentially impacting any...

CVE-2023-27296

HIGH CVSS 8.8 Mar 27, 2023

This vulnerability allows authenticated users of Apache InLong to execute arbitrary code through deserialization of untrusted data. It affects Apache InLong versions 1.1.0 through 1.5.0, potentially l...

CVE-2023-24977

HIGH CVSS 7.5 Feb 1, 2023

This CVE describes an out-of-bounds read vulnerability in Apache InLong that could allow attackers to read sensitive information from memory. It affects Apache InLong versions 1.1.0 through 1.5.0. The...

CVE-2025-27526

MEDIUM CVSS 6.5 May 28, 2025

This CVE describes a deserialization vulnerability in Apache InLong that allows attackers to bypass security controls through JDBC URL encoding and backspace character manipulation. It affects Apache ...