Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-w3wr-gmwf-r333: Apache InLong has Weak Password Requirements in Apache InLong

Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.1.0 through 1.6.0. When users change their password to a simple password (with any character or symbol), attackers can easily guess the user’s password and access the account. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7805 to solve it.

ghsa
Open in Source
#vulnerability#apache#git

Apache InLong has Weak Password Requirements in Apache InLong

Critical severity GitHub Reviewed Published Jul 6, 2023 to the GitHub Advisory Database • Updated Jul 6, 2023

Related news

CVE-2023-31098

Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.6.0.  When users change their password to a simple password (with any character or symbol), attackers can easily guess the user's password and access the account. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7805 https://github.com/apache/inlong/pull/7805 to solve it.

ghsa: Latest News

GHSA-7p9f-6x8j-gxxp: CRI-O: Maliciously structured checkpoint file can gain arbitrary node access
ghsa