Vulnerabilities > Apache > Linkis

DATE CVE VULNERABILITY TITLE RISK
2023-01-31 CVE-2022-44645 Deserialization of Untrusted Data vulnerability in Apache Linkis
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters.
network
low complexity
apache CWE-502
8.8
8.8
2022-10-26 CVE-2022-39944 Deserialization of Untrusted Data vulnerability in Apache Linkis
In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters.
network
low complexity
apache CWE-502
8.8
8.8