Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false records, making it harder to audit
and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick [1] to solve it.
[1] https://github.com/apache/inlong/pull/8628
References
Link | Resource |
---|---|
https://lists.apache.org/thread/spnb378g268p1f902fr9kqyph2k8n543 | Mailing List |
Configurations
History
19 Oct 2023, 16:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:* | |
References | (MISC) https://lists.apache.org/thread/spnb378g268p1f902fr9kqyph2k8n543 - Mailing List | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Apache
Apache inlong |
16 Oct 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-16 09:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-43667
Mitre link : CVE-2023-43667
CVE.ORG link : CVE-2023-43667
JSON object : View
Products Affected
apache
- inlong
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')