Vulnerabilities > Apache > Inlong > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-27 CVE-2023-27296 Unspecified vulnerability in Apache Inlong
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong. It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability. This issue affects Apache InLong: from 1.1.0 through 1.5.0.
network
low complexity
apache
8.8
2023-02-01 CVE-2023-24977 Unspecified vulnerability in Apache Inlong
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214  to solve it.
network
low complexity
apache
7.5
2022-09-20 CVE-2022-40955 Unspecified vulnerability in Apache Inlong
In versions of Apache InLong prior to 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execution on the Apache InLong server.
network
low complexity
apache
8.8