Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-jj32-3pf5-5mv5: Apache InLong Deserialization of Untrusted Data Vulnerability

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.

This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can use \t to bypass. Users are advised to upgrade to Apache InLong’s 1.9.0 or cherry-pick [1] to solve it.

[1] https://github.com/apache/inlong/pull/8814

ghsa
#vulnerability#apache#git

Apache InLong Deserialization of Untrusted Data Vulnerability

Moderate severity GitHub Reviewed Published Oct 19, 2023 to the GitHub Advisory Database • Updated Oct 19, 2023

Related news

CVE-2023-46227

Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can use \t to bypass. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8814

ghsa: Latest News

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization