Vulnerabilities > Apache > Inlong > 1.10.0

DATE CVE VULNERABILITY TITLE RISK
2024-08-02 CVE-2024-36268 Unspecified vulnerability in Apache Inlong 1.10.0/1.11.0/1.12.0
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution.
network
low complexity
apache
critical
9.8
2024-05-08 CVE-2024-26579 Unspecified vulnerability in Apache Inlong
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.11.0,  the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick [1], [2] to solve it. [1] https://github.com/apache/inlong/pull/9694 [2]  https://github.com/apache/inlong/pull/9707
network
low complexity
apache
critical
9.8