Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.11.0,
the attackers can bypass using malicious parameters.
Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick [1], [2] to solve it.
[1] https://github.com/apache/inlong/pull/9694
[2] https://github.com/apache/inlong/pull/9707
CVSS
No CVSS.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2024-05-08T15:06:23.829Z
Updated: 2024-05-08T15:06:23.829Z
Reserved: 2024-02-19T09:14:11.118Z
Link: CVE-2024-26579
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-05-08T15:15:08.817
Modified: 2024-06-10T18:15:27.950
Link: CVE-2024-26579
JSON object: View
Redhat Information
No data.
CWE