Опубликовано: 02 авг. 2024
Источник: github
Github: Прошло ревью
CVSS4: 7.1
CVSS3: 5.3
Описание
Apache Linkis vulnerable to privilege escalation
In Apache Linkis <= 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.
Пакеты
Наименование
org.apache.linkis:linkis
maven
Затронутые версииВерсия исправления
< 1.6.0
1.6.0
Связанные уязвимости
CVSS3: 8.8
nvd
больше 1 года назад
In Apache Linkis <= 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue.