Vulnerabilites related to apache - linkis
cve-2023-27603
Vulnerability from cvelistv5
Published
2023-04-10 07:36
Modified
2024-10-22 15:24
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability.
We recommend users upgrade the version of Linkis to version 1.3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8 | mailing-list, vendor-advisory | |
| https://www.openwall.com/lists/oss-security/2023/04/10/2 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:16:36.515Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "mailing-list", "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/04/10/2", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "linkis", vendor: "apache", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-27603", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T15:22:15.057216Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T15:24:50.114Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "4ra1n", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\nIn Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a </span><span style=\"background-color: rgb(255, 255, 255);\">potential RCE vulnerability.<br>\n\nWe recommend users upgrade the version of Linkis to version 1.3.2.\n\n</span>\n\n", }, ], value: "\n\n\nIn Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability.\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2.\n\n\n\n", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-14T07:17:51.536Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "mailing-list", "vendor-advisory", ], url: "https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8", }, { url: "https://www.openwall.com/lists/oss-security/2023/04/10/2", }, ], source: { discovery: "EXTERNAL", }, title: "Apache Linkis Mangaer module engineConn material upload exists Zip Slip issue", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-27603", datePublished: "2023-04-10T07:36:50.250Z", dateReserved: "2023-03-04T10:49:03.741Z", dateUpdated: "2024-10-22T15:24:50.114Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44644
Vulnerability from cvelistv5
Published
2023-01-31 09:40
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.1
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis (incubating) |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.937Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis (incubating)", vendor: "Apache Software Foundation", versions: [ { lessThan: "1.3.1", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Department of Cyber Security Research (Jumbo, Unc1e), Beijing Zhiqian Technology Co., LTD", }, { lang: "en", type: "reporter", value: "s3gundo of Hundsun Tech ", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. <br><br><span style=\"background-color: rgb(255, 255, 255);\">We recommend users upgrade the version of Linkis to version 1.3.1</span><br>", }, ], value: "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. \n\nWe recommend users upgrade the version of Linkis to version 1.3.1\n", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-15T08:36:52.828Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Linkis (incubating): The DatasourceManager module has a Local File Read Vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2022-44644", datePublished: "2023-01-31T09:40:52.676Z", dateReserved: "2022-11-03T08:44:03.767Z", dateUpdated: "2024-08-03T13:54:03.937Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-41916
Vulnerability from cvelistv5
Published
2024-07-15 07:53
Modified
2025-03-14 15:16
Severity ?
EPSS score ?
Summary
In Apache Linkis =1.4.0, due to the lack of effective filtering
of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.5.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis DataSource |
Version: 1.4.0 |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-41916", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-15T15:17:30.681890Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-14T15:16:15.724Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-13T17:03:55.317Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/13/4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://repo.maven.apache.org/maven2", defaultStatus: "unaffected", packageName: "org.apache.linkis:linkis-metadata-query-service-jdbc", product: "Apache Linkis DataSource", vendor: "Apache Software Foundation", versions: [ { lessThan: "1.5.0", status: "affected", version: "1.4.0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Pho3n1x ", }, { lang: "en", type: "reporter", value: " L0ne1y", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\nIn Apache Linkis =1.4.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger <span style=\"background-color: rgb(255, 255, 255);\">arbitrary file reading</span>. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected. <br>We recommend users upgrade the version of Linkis to version 1.5.0.\n\n<br>\n\n", }, ], value: "\nIn Apache Linkis =1.4.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected. \nWe recommend users upgrade the version of Linkis to version 1.5.0.\n\n", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T07:53:57.843Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-41916", datePublished: "2024-07-15T07:53:57.843Z", dateReserved: "2023-09-05T07:51:39.686Z", dateUpdated: "2025-03-14T15:16:15.724Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44645
Vulnerability from cvelistv5
Published
2023-01-31 09:38
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users to upgrade the version of Linkis to version 1.3.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis (incubating) |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.985Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis (incubating)", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.3.0", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Tian Xin WU (Bearcat) , Vulnerability Researcher at Numen Cyber Labs, Singapore.", }, { lang: "en", type: "remediation developer", value: "Department of Cyber Security Research (Jumbo, Unc1e)", }, { lang: "en", type: "remediation developer", value: "s3gundo of Hundsun Tech ", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.<br><br>We recommend users to upgrade the version of Linkis to version 1.3.1.<br>", }, ], value: "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.\n\nWe recommend users to upgrade the version of Linkis to version 1.3.1.\n", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-31T09:38:07.355Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Linkis (incubating): The DatasourceManager module has a serialization attack vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2022-44645", datePublished: "2023-01-31T09:38:07.355Z", dateReserved: "2022-11-03T08:45:25.305Z", dateUpdated: "2024-08-03T13:54:03.985Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-27182
Vulnerability from cvelistv5
Published
2024-08-02 09:29
Modified
2024-08-02 16:03
Severity ?
EPSS score ?
Summary
In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an administrator account could delete any file accessible by the Linkis system user
.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis Basic management services |
Version: 1.3.2 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-27182", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-02T13:55:06.669774Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-02T14:03:18.945Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T16:03:25.167Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "http://www.openwall.com/lists/oss-security/2024/08/02/4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://repo.maven.apache.org/maven2", defaultStatus: "unaffected", packageName: "org.apache.linkis:linkis-pes-publicservice", product: "Apache Linkis Basic management services", vendor: "Apache Software Foundation", versions: [ { lessThan: "1.6.0", status: "affected", version: "1.3.2", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "superx", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Apache Linkis <= 1.5.0,\n\nArbitrary file deletion in Basic management services on \n\n<span style=\"background-color: rgb(255, 255, 255);\">A user with an administrator account could delete any file accessible by the Linkis system user</span>\n\n.<br>Users are recommended to upgrade to version 1.6.0, which fixes this issue.", }, ], value: "In Apache Linkis <= 1.5.0,\n\nArbitrary file deletion in Basic management services on \n\nA user with an administrator account could delete any file accessible by the Linkis system user\n\n.\nUsers are recommended to upgrade to version 1.6.0, which fixes this issue.", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-02T09:29:38.967Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2024-27182", datePublished: "2024-08-02T09:29:33.391Z", dateReserved: "2024-02-21T03:05:04.990Z", dateUpdated: "2024-08-02T16:03:25.167Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-46801
Vulnerability from cvelistv5
Published
2024-07-15 07:55
Modified
2024-09-13 17:03
Severity ?
EPSS score ?
Summary
In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them.
This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis DataSource |
Version: 1.4.0 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "linkis", vendor: "apache", versions: [ { lessThan: "1.6.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-46801", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-15T13:16:05.304946Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-15T13:16:09.548Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-13T17:03:56.293Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/13/6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://repo.maven.apache.org/maven2", defaultStatus: "unaffected", packageName: "org.apache.linkis:linkis-metadata-query-service-jdbc", product: "Apache Linkis DataSource", vendor: "Apache Software Foundation", versions: [ { lessThan: "1.6.0", status: "affected", version: "1.4.0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Pho3n1x ", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\nIn Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n", }, ], value: "\nIn Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n", }, ], metrics: [ { other: { content: { text: "moderate", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T07:55:29.702Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Linkis DataSource: DataSource Remote code execution vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-46801", datePublished: "2024-07-15T07:55:29.702Z", dateReserved: "2023-10-26T14:22:57.897Z", dateUpdated: "2024-09-13T17:03:56.293Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-27987
Vulnerability from cvelistv5
Published
2023-04-10 07:37
Modified
2024-10-17 20:20
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values.
We recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1]
https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p | vendor-advisory, mailing-list | |
| https://www.openwall.com/lists/oss-security/2023/04/10/3 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:23:30.699Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/04/10/3", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "linkis", vendor: "apache", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-27987", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-17T20:20:28.978438Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-17T20:20:41.204Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Laihan", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\nIn Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values.<br>\n\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1]<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://linkis.apache.org/docs/latest/auth/token\">https://linkis.apache.org/docs/latest/auth/token</a>\n\n\n\n<br>", }, ], value: "\nIn Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values.\n\n\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1]\n https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token \n\n\n\n\n", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-326", description: "CWE-326 Inadequate Encryption Strength", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-14T07:51:55.696Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", "mailing-list", ], url: "https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p", }, { url: "https://www.openwall.com/lists/oss-security/2023/04/10/3", }, ], source: { discovery: "EXTERNAL", }, title: "Apache Linkis gateway module token authentication bypass", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-27987", datePublished: "2023-04-10T07:37:07.558Z", dateReserved: "2023-03-09T07:54:39.525Z", dateUpdated: "2024-10-17T20:20:41.204Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-27602
Vulnerability from cvelistv5
Published
2023-04-10 07:36
Modified
2025-02-13 16:45
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.
We recommend users upgrade the version of Linkis to version 1.3.2.
For versions
<=1.3.1, we suggest turning on the file path check switch in linkis.properties
`wds.linkis.workspace.filesystem.owner.check=true`
`wds.linkis.workspace.filesystem.path.check=true`
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:16:35.883Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "mailing-list", "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/wt70jfc0yfs6s5g0wg5dr5klnc48nsp1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/04/18/4", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/04/19/3", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "linkis", vendor: "apache", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-27602", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T15:25:12.309658Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T15:26:24.290Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Laihan", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\nIn Apache Linkis <=1.3.1, The PublicService module uploads </span><span style=\"background-color: rgb(255, 255, 255);\">files without restrictions on the path to the uploaded </span><span style=\"background-color: rgb(255, 255, 255);\">files, and file types.<br>\n\nWe recommend users upgrade the version of Linkis to version 1.3.2. \n<br>For versions \n\n<=1.3.1, we suggest turning on the file path check switch in linkis.properties<br>\n<span style=\"background-color: rgb(255, 255, 255);\">`wds.linkis.workspace.</span><span style=\"background-color: rgb(255, 255, 255);\">filesystem.owner.check=true`<br><span style=\"background-color: rgb(255, 255, 255);\">`wds.linkis.workspace.</span><span style=\"background-color: rgb(255, 255, 255);\">filesystem.path.check=true`</span></span></span>", }, ], value: "In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2. \n\nFor versions \n\n<=1.3.1, we suggest turning on the file path check switch in linkis.properties\n\n`wds.linkis.workspace.filesystem.owner.check=true`\n`wds.linkis.workspace.filesystem.path.check=true`", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434 Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-19T11:06:11.804Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "mailing-list", "vendor-advisory", ], url: "https://lists.apache.org/thread/wt70jfc0yfs6s5g0wg5dr5klnc48nsp1", }, { url: "http://www.openwall.com/lists/oss-security/2023/04/10/1", }, { url: "http://www.openwall.com/lists/oss-security/2023/04/18/4", }, { url: "http://www.openwall.com/lists/oss-security/2023/04/19/3", }, ], source: { discovery: "EXTERNAL", }, title: "Apache Linkis publicsercice module unrestricted upload of file", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-27602", datePublished: "2023-04-10T07:36:28.437Z", dateReserved: "2023-03-04T10:46:35.079Z", dateUpdated: "2025-02-13T16:45:29.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29215
Vulnerability from cvelistv5
Published
2023-04-10 07:35
Modified
2025-02-13 16:49
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.1, due to the lack of effective filtering
of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a
deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls | vendor-advisory, mailing-list | |
| http://www.openwall.com/lists/oss-security/2023/04/10/4 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.874Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/4", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "linkis", vendor: "apache", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-29215", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T15:26:45.501261Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T15:27:46.240Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "sw0rd1ight", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Apache Linkis <=1.3.1, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a\ndeserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.<br>We recommend users upgrade the version of Linkis to version 1.3.2.\n\n<br>", }, ], value: "In Apache Linkis <=1.3.1, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a\ndeserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.\nWe recommend users upgrade the version of Linkis to version 1.3.2.", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-10T07:40:22.237Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", "mailing-list", ], url: "https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls", }, { url: "http://www.openwall.com/lists/oss-security/2023/04/10/4", }, ], source: { discovery: "EXTERNAL", }, title: "Apache Linkis JDBC EngineCon has a deserialization command execution", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-29215", datePublished: "2023-04-10T07:35:23.690Z", dateReserved: "2023-04-03T14:49:09.555Z", dateUpdated: "2025-02-13T16:49:02.260Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39944
Vulnerability from cvelistv5
Published
2022-10-26 00:00
Modified
2024-08-03 12:07
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.2.0 will be affected, We recommend users to update to 1.3.0.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis |
Version: Apache Linkis < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:07:42.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/rxytj48q17304snonjtyt5lnlw64gccc", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Linkis", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.2.0", status: "affected", version: "Apache Linkis", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "This issue was discovered by 4ra1n and zac from ZAC Security Team", }, ], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.2.0 will be affected, We recommend users to update to 1.3.0.", }, ], metrics: [ { other: { content: { other: "important", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Remote code execution vulnerability ", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-26T00:00:00", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://lists.apache.org/thread/rxytj48q17304snonjtyt5lnlw64gccc", }, ], source: { discovery: "UNKNOWN", }, title: "The Apache Linkis JDBC EngineConn module has a RCE Vulnerability", workarounds: [ { lang: "en", value: " <= 1.2.0 users should upgrade to 1.3.0. \nOr upgrade the materials of JDBC EngineConn separately, you can refer to: https://github.com/apache/incubator-linkis/tree/master/linkis-engineconn-plugins/jdbc", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2022-39944", datePublished: "2022-10-26T00:00:00", dateReserved: "2022-09-05T00:00:00", dateUpdated: "2024-08-03T12:07:42.949Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29216
Vulnerability from cvelistv5
Published
2023-04-10 07:37
Modified
2025-02-13 16:49
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.3.1, because the parameters are not
effectively filtered, the attacker uses the MySQL data source and malicious parameters to
configure a new data source to trigger a deserialization vulnerability, eventually leading to
remote code execution.
Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l | vendor-advisory, mailing-list | |
| http://www.openwall.com/lists/oss-security/2023/04/10/5 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.897Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/5", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "linkis", vendor: "apache", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-29216", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T15:20:54.992739Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T15:21:53.575Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Apache Linkis", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.3.1", status: "affected", version: "0", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "sw0rd1ight", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Apache Linkis <=1.3.1, because the parameters are not\neffectively filtered, the attacker uses the MySQL data source and malicious parameters to\nconfigure a new data source to trigger a deserialization vulnerability, eventually leading to\nremote code execution.<br> Versions of Apache Linkis <= 1.3.0 will be affected.<br>We recommend users upgrade the version of Linkis to version 1.3.2.\n\n<br>", }, ], value: "In Apache Linkis <=1.3.1, because the parameters are not\neffectively filtered, the attacker uses the MySQL data source and malicious parameters to\nconfigure a new data source to trigger a deserialization vulnerability, eventually leading to\nremote code execution.\n Versions of Apache Linkis <= 1.3.0 will be affected.\nWe recommend users upgrade the version of Linkis to version 1.3.2.", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-10T07:40:23.203Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", "mailing-list", ], url: "https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l", }, { url: "http://www.openwall.com/lists/oss-security/2023/04/10/5", }, ], source: { discovery: "EXTERNAL", }, title: "Apache Linkis DatasourceManager module has a deserialization command execution", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-29216", datePublished: "2023-04-10T07:37:29.383Z", dateReserved: "2023-04-03T15:04:14.339Z", dateUpdated: "2025-02-13T16:49:02.797Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-49566
Vulnerability from cvelistv5
Published
2024-07-15 07:56
Modified
2024-09-13 17:03
Severity ?
EPSS score ?
Summary
In Apache Linkis <=1.5.0, due to the lack of effective filtering
of parameters, an attacker configuring malicious
db2
parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted.
This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.
Versions of Apache Linkis
<=1.5.0
will be affected.
We recommend users upgrade the version of Linkis to version 1.6.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Linkis DataSource |
Version: * |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-49566", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-15T13:14:11.032196Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-15T20:23:10.817Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-13T17:03:59.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/13/5", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://repo.maven.apache.org/maven2", defaultStatus: "unaffected", packageName: "org.apache.linkis:linkis-metadata-query-service-jdbc", product: "Apache Linkis DataSource", vendor: "Apache Software Foundation", versions: [ { lessThan: "1.6.0", status: "affected", version: "*", versionType: "maven", }, ], }, ], credits: [ { lang: "en", type: "reporter", value: "Joyh", }, { lang: "en", type: "reporter", value: "L0ne1y", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\nIn Apache Linkis <=1.5.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious \n\ndb2\n\n parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\n\n Versions of Apache Linkis \n\n<=1.5.0\n\n will be affected.<br>We recommend users upgrade the version of Linkis to version 1.6.0.<br>", }, ], value: "\nIn Apache Linkis <=1.5.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious \n\ndb2\n\n parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\n\n Versions of Apache Linkis \n\n<=1.5.0\n\n will be affected.\nWe recommend users upgrade the version of Linkis to version 1.6.0.\n", }, ], metrics: [ { other: { content: { text: "important", }, type: "Textual description of severity", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-15T07:56:51.500Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "vendor-advisory", ], url: "https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2023-49566", datePublished: "2024-07-15T07:56:51.500Z", dateReserved: "2023-11-27T12:52:53.546Z", dateUpdated: "2024-09-13T17:03:59.885Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-01-31 10:15
Modified
2024-11-21 07:28
Severity ?
Summary
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users to upgrade the version of Linkis to version 1.3.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4 | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "470910AB-1B29-4C8C-9C03-FD4A3C233523", versionEndIncluding: "1.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.\n\nWe recommend users to upgrade the version of Linkis to version 1.3.1.\n", }, { lang: "es", value: "En Apache Linkis <=1.3.0 cuando se usa con MySQL Connector/J, existe una vulnerabilidad de deserialización con posible impacto en la ejecución remota de código cuando un atacante tiene acceso de escritura a una base de datos y configura una nueva fuente de datos con una fuente de datos MySQL y parámetros maliciosos. Por lo tanto, los parámetros en la URL de jdbc deben estar en la lista negra. Las versiones de Apache Linkis <=1.3.00 se verán afectadas. Recomendamos a los usuarios actualizar la versión de Linkis a la versión 1.3.1.", }, ], id: "CVE-2022-44645", lastModified: "2024-11-21T07:28:15.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-31T10:15:10.153", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/zlcfmvt65blqc4n6fxypg6f0ns8fqfz4", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-15 08:15
Modified
2025-03-14 16:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
In Apache Linkis =1.4.0, due to the lack of effective filtering
of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.5.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/13/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729 | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "5F9BA8E6-F548-4333-989B-33F7B4362998", versionEndExcluding: "1.6.0", versionStartIncluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nIn Apache Linkis =1.4.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis = 1.4.0 will be affected. \nWe recommend users upgrade the version of Linkis to version 1.5.0.\n\n", }, { lang: "es", value: "En Apache Linkis = 1.4.0, debido a la falta de filtrado efectivo de parámetros, un atacante que configure parámetros maliciosos de Mysql JDBC en el módulo DataSource Manager activará la lectura de archivos arbitrarios. Por lo tanto, los parámetros en la URL JDBC de Mysql deben estar en la lista negra. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Las versiones de Apache Linkis = 1.4.0 se verán afectadas. Recomendamos a los usuarios actualizar la versión de Linkis a la versión 1.5.0.", }, ], id: "CVE-2023-41916", lastModified: "2025-03-14T16:15:27.367", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-07-15T08:15:02.107", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/13/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/dxkpwyoxy1jpdwlpqp15zvo0jxn4v729", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-552", }, ], source: "security@apache.org", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-10 08:15
Modified
2025-02-13 17:16
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.
We recommend users upgrade the version of Linkis to version 1.3.2.
For versions
<=1.3.1, we suggest turning on the file path check switch in linkis.properties
`wds.linkis.workspace.filesystem.owner.check=true`
`wds.linkis.workspace.filesystem.path.check=true`
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "AB515AB9-F11F-4FC1-93B5-B9ADB046B5F8", versionEndIncluding: "1.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2. \n\nFor versions \n\n<=1.3.1, we suggest turning on the file path check switch in linkis.properties\n\n`wds.linkis.workspace.filesystem.owner.check=true`\n`wds.linkis.workspace.filesystem.path.check=true`", }, ], id: "CVE-2023-27602", lastModified: "2025-02-13T17:16:13.637", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-10T08:15:06.967", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/1", }, { source: "security@apache.org", url: "http://www.openwall.com/lists/oss-security/2023/04/18/4", }, { source: "security@apache.org", url: "http://www.openwall.com/lists/oss-security/2023/04/19/3", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/wt70jfc0yfs6s5g0wg5dr5klnc48nsp1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2023/04/18/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2023/04/19/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/wt70jfc0yfs6s5g0wg5dr5klnc48nsp1", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "security@apache.org", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-10 08:15
Modified
2025-02-13 17:16
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Apache Linkis <=1.3.1, because the parameters are not
effectively filtered, the attacker uses the MySQL data source and malicious parameters to
configure a new data source to trigger a deserialization vulnerability, eventually leading to
remote code execution.
Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | http://www.openwall.com/lists/oss-security/2023/04/10/5 | Mailing List, Third Party Advisory | |
| security@apache.org | https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/04/10/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "AB515AB9-F11F-4FC1-93B5-B9ADB046B5F8", versionEndIncluding: "1.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.3.1, because the parameters are not\neffectively filtered, the attacker uses the MySQL data source and malicious parameters to\nconfigure a new data source to trigger a deserialization vulnerability, eventually leading to\nremote code execution.\n Versions of Apache Linkis <= 1.3.0 will be affected.\nWe recommend users upgrade the version of Linkis to version 1.3.2.", }, ], id: "CVE-2023-29216", lastModified: "2025-02-13T17:16:17.877", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-10T08:15:07.290", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/5", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-31 10:15
Modified
2024-11-21 07:28
Severity ?
Summary
In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.1
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "470910AB-1B29-4C8C-9C03-FD4A3C233523", versionEndIncluding: "1.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. \n\nWe recommend users upgrade the version of Linkis to version 1.3.1\n", }, { lang: "es", value: "En Apache Linkis <=1.3.0, cuando se usa con MySQL Connector/J en el módulo de fuente de datos, un atacante autenticado podría leer archivos locales arbitrarios conectando un servidor MySQL no autorizado, agregando enableLoadLocalInfile a verdadero en el parámetro JDBC. Por lo tanto, los parámetros en la URL de JDBC deben estar en la lista negra. Las versiones de Apache Linkis <=1.3.0 se verán afectadas. Recomendamos a los usuarios actualizar la versión de Linkis a la versión 1.3.1", }, ], id: "CVE-2022-44644", lastModified: "2024-11-21T07:28:15.407", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-31T10:15:09.233", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security@apache.org", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-10 08:15
Modified
2025-02-13 17:16
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Apache Linkis <=1.3.1, due to the lack of effective filtering
of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a
deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | http://www.openwall.com/lists/oss-security/2023/04/10/4 | Mailing List, Third Party Advisory | |
| security@apache.org | https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/04/10/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "AB515AB9-F11F-4FC1-93B5-B9ADB046B5F8", versionEndIncluding: "1.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.3.1, due to the lack of effective filtering\nof parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EengineConn Module will trigger a\ndeserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected.\nWe recommend users upgrade the version of Linkis to version 1.3.2.", }, ], id: "CVE-2023-29215", lastModified: "2025-02-13T17:16:17.720", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-10T08:15:07.237", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/4", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/04/10/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/o682wz1ggq491ybvjwokxvcdtnzo76ls", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-10 08:15
Modified
2024-11-21 07:53
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values.
We recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1]
https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p | Mailing List, Vendor Advisory | |
| security@apache.org | https://www.openwall.com/lists/oss-security/2023/04/10/3 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2023/04/10/3 | Mailing List |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "AB515AB9-F11F-4FC1-93B5-B9ADB046B5F8", versionEndIncluding: "1.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nIn Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values.\n\n\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2 And modify the default token value. You can refer to Token authorization[1]\n https://linkis.apache.org/docs/latest/auth/token https://linkis.apache.org/docs/latest/auth/token \n\n\n\n\n", }, ], id: "CVE-2023-27987", lastModified: "2024-11-21T07:53:52.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-10T08:15:07.180", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/04/10/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/3cr1cz3210wzwngldwrqzm43vwhghp0p", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/04/10/3", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-326", }, ], source: "security@apache.org", type: "Primary", }, { description: [ { lang: "en", value: "CWE-326", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-10 08:15
Modified
2024-11-21 07:53
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability.
We recommend users upgrade the version of Linkis to version 1.3.2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8 | Mailing List, Vendor Advisory | |
| security@apache.org | https://www.openwall.com/lists/oss-security/2023/04/10/2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2023/04/10/2 | Mailing List |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "AB515AB9-F11F-4FC1-93B5-B9ADB046B5F8", versionEndIncluding: "1.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "\n\n\nIn Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability.\n\n\nWe recommend users upgrade the version of Linkis to version 1.3.2.\n\n\n\n", }, ], id: "CVE-2023-27603", lastModified: "2024-11-21T07:53:14.660", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-10T08:15:07.133", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/04/10/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/6n1vlvnyn441rm02zdqc0wnpckj8ltn8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/04/10/2", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security@apache.org", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-15 08:15
Modified
2024-11-21 08:33
Severity ?
Summary
In Apache Linkis <=1.5.0, due to the lack of effective filtering
of parameters, an attacker configuring malicious
db2
parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted.
This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.
Versions of Apache Linkis
<=1.5.0
will be affected.
We recommend users upgrade the version of Linkis to version 1.6.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/13/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "5F9BA8E6-F548-4333-989B-33F7B4362998", versionEndExcluding: "1.6.0", versionStartIncluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nIn Apache Linkis <=1.5.0, due to the lack of effective filtering\nof parameters, an attacker configuring malicious \n\ndb2\n\n parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out.\n\n Versions of Apache Linkis \n\n<=1.5.0\n\n will be affected.\nWe recommend users upgrade the version of Linkis to version 1.6.0.\n", }, { lang: "es", value: "En Apache Linkis <= 1.5.0, debido a la falta de un filtrado efectivo de parámetros, un atacante que configure parámetros db2 maliciosos en el módulo DataSource Manager resultará en una inyección de jndi. Por lo tanto, los parámetros en la URL de DB2 deben estar en la lista negra. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Las versiones de Apache Linkis <=1.5.0 se verán afectadas. Recomendamos a los usuarios actualizar la versión de Linkis a la versión 1.6.0.", }, ], id: "CVE-2023-49566", lastModified: "2024-11-21T08:33:34.137", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-15T08:15:02.367", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/13/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/t68yy52lmv7pxgrxnq6rw7rwvk9tb1xj", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-15 08:15
Modified
2024-11-21 08:29
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them.
This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/13/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx | Mailing List, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "5F9BA8E6-F548-4333-989B-33F7B4362998", versionEndExcluding: "1.6.0", versionStartIncluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nIn Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. The deserialization vulnerability exploited through jrmp can inject malicious files into the server and execute them. \n\nThis attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. We recommend that users upgrade the java version to >= 1.8.0_241. Or users upgrade Linkis to version 1.6.0.\n\n", }, { lang: "es", value: "En Apache Linkis <= 1.5.0, el módulo de administración de fuentes de datos, al agregar una fuente de datos Mysql, existe una vulnerabilidad de ejecución remota de código para la versión de Java <1.8.0_241. La vulnerabilidad de deserialización explotada mediante jrmp puede inyectar archivos maliciosos en el servidor y ejecutarlos. Este ataque requiere que el atacante obtenga una cuenta autorizada de Linkis antes de poder llevarse a cabo. Recomendamos que los usuarios actualicen la versión de Java a >= 1.8.0_241. O los usuarios actualizan Linkis a la versión 1.6.0.", }, ], id: "CVE-2023-46801", lastModified: "2024-11-21T08:29:20.047", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-07-15T08:15:02.253", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/13/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/0dnzh64xy1n7qo3rgo2loz9zn7m9xgdx", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "security@apache.org", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-26 16:15
Modified
2024-11-21 07:18
Severity ?
Summary
In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.2.0 will be affected, We recommend users to update to 1.3.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/rxytj48q17304snonjtyt5lnlw64gccc | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/rxytj48q17304snonjtyt5lnlw64gccc | Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "6E35C539-D9F4-499B-8261-A8863AB54525", versionEndIncluding: "1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.2.0 will be affected, We recommend users to update to 1.3.0.", }, { lang: "es", value: "En Apache Linkis versiones anteriores a 1.2.0 incluyéndola, cuando es usado con el Conector/J de MySQL, se presenta una vulnerabilidad de deserialización con posible impacto de ejecución de código remota cuando un atacante presenta acceso de escritura a una base de datos y configura un EC JDBC con una fuente de datos MySQL y parámetros maliciosos. Por lo tanto, los parámetros en la url jdbc deben estar en la lista negra. Las versiones de Apache Linkis anteriores a 1.2.0 incluyéndola, serán afectadas, recomendamos a usuarios actualizar a 1.3.0", }, ], id: "CVE-2022-39944", lastModified: "2024-11-21T07:18:31.890", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-26T16:15:11.703", references: [ { source: "security@apache.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://lists.apache.org/thread/rxytj48q17304snonjtyt5lnlw64gccc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://lists.apache.org/thread/rxytj48q17304snonjtyt5lnlw64gccc", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-02 10:16
Modified
2024-11-21 09:04
Severity ?
Summary
In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an administrator account could delete any file accessible by the Linkis system user
.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:*", matchCriteriaId: "A34962F7-E33B-4593-99EE-B99AE33E5130", versionEndExcluding: "1.6.0", versionStartIncluding: "1.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Apache Linkis <= 1.5.0,\n\nArbitrary file deletion in Basic management services on \n\nA user with an administrator account could delete any file accessible by the Linkis system user\n\n.\nUsers are recommended to upgrade to version 1.6.0, which fixes this issue.", }, { lang: "es", value: "En Apache Linkis <= 1.5.0, la eliminación arbitraria de archivos en los servicios de administración básicos puede provocar que un usuario con una cuenta de administrador elimine cualquier archivo al que tenga acceso el usuario del sistema Linkis. Se recomienda a los usuarios que actualicen a la versión 1.6.0, que soluciona este problema.", }, ], id: "CVE-2024-27182", lastModified: "2024-11-21T09:04:02.687", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-02T10:16:00.250", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/08/02/4", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-552", }, ], source: "security@apache.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-552", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }