Описание
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
Ссылки
- Mailing ListVendor Advisory
- Mailing ListVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:inlong:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:inlong:1.6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00143
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-1188
Связанные уязвимости
EPSS
Процентиль: 35%
0.00143
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-1188