Количество 2
Количество 2
CVE-2023-29216
In Apache Linkis <=1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.2.
GHSA-rrhf-32rq-f28h
Apache Linkis DatasourceManager module has deserialization vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-29216 In Apache Linkis <=1.3.1, because the parameters are not effectively filtered, the attacker uses the MySQL data source and malicious parameters to configure a new data source to trigger a deserialization vulnerability, eventually leading to remote code execution. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.2. | CVSS3: 9.8 | 5% Низкий | почти 3 года назад |
| GHSA-rrhf-32rq-f28h Apache Linkis DatasourceManager module has deserialization vulnerability | CVSS3: 9.8 | 5% Низкий | почти 3 года назад |
Уязвимостей на страницу