Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.inlong/manager-pojo@1.7.0
Typemaven
Namespaceorg.apache.inlong
Namemanager-pojo
Version1.7.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.8.0
Latest_non_vulnerable_version2.2.0
Affected_by_vulnerabilities
0
url VCID-kc1h-rggv-y3g4
vulnerability_id VCID-kc1h-rggv-y3g4
summary 
Apache Inlong Deserialization of Untrusted Data vulnerability
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.7.0 through 1.11.0. The attackers can bypass using malicious parameters.

Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick [1], [2] to solve it.

[1]  https://github.com/apache/inlong/pull/9694

[2]  https://github.com/apache/inlong/pull/9707
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/commit/23e3e00cae1fd120b089fca54f7440945dfe11a4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/commit/23e3e00cae1fd120b089fca54f7440945dfe11a4
2
reference_url https://github.com/apache/inlong/commit/cdf616670942fec7d09fae2452e2ea215205dd1d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/commit/cdf616670942fec7d09fae2452e2ea215205dd1d
3
reference_url https://github.com/apache/inlong/pull/9694
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/9694
4
reference_url https://github.com/apache/inlong/pull/9707
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/9707
5
reference_url https://lists.apache.org/thread/d2hndtvh6bll4pkl91o2oqxyynhr54k3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/d2hndtvh6bll4pkl91o2oqxyynhr54k3
6
reference_url http://www.openwall.com/lists/oss-security/2024/05/09/2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/05/09/2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-26579
reference_id CVE-2024-26579
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-26579
8
reference_url https://github.com/advisories/GHSA-fgh3-pwmp-3qw3
reference_id GHSA-fgh3-pwmp-3qw3
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fgh3-pwmp-3qw3
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.12.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.12.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.12.0
aliases CVE-2024-26579, GHSA-fgh3-pwmp-3qw3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kc1h-rggv-y3g4
Fixing_vulnerabilities
0
url VCID-242d-6bdt-9kbv
vulnerability_id VCID-242d-6bdt-9kbv
summary 
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. 


An old session can be used by an attacker even after the user has been deleted or the password has been changed.


Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836, https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it.
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/pull/7836
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7836
2
reference_url https://github.com/apache/inlong/pull/7884
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7884
3
reference_url https://lists.apache.org/thread/to7o0n2cks0omtwo6mhh5cs2vfdbplqf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/to7o0n2cks0omtwo6mhh5cs2vfdbplqf
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31065
reference_id CVE-2023-31065
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31065
5
reference_url https://github.com/advisories/GHSA-757p-7hp5-pqmr
reference_id GHSA-757p-7hp5-pqmr
reference_type
scores
url https://github.com/advisories/GHSA-757p-7hp5-pqmr
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.7.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kc1h-rggv-y3g4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0
aliases CVE-2023-31065, GHSA-757p-7hp5-pqmr
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-242d-6bdt-9kbv
1
url VCID-35x3-1q7f-eqcb
vulnerability_id VCID-35x3-1q7f-eqcb
summary 
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.  When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by sending a login
request and following it with a subsequent HTTP request
using the returned cookie.

Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/pull/7836
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7836
2
reference_url https://lists.apache.org/thread/btorjbo9o71h22tcvxzy076022hjdzq0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/btorjbo9o71h22tcvxzy076022hjdzq0
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31062
reference_id CVE-2023-31062
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31062
4
reference_url https://github.com/advisories/GHSA-q5p5-xg93-2jqc
reference_id GHSA-q5p5-xg93-2jqc
reference_type
scores
url https://github.com/advisories/GHSA-q5p5-xg93-2jqc
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.7.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kc1h-rggv-y3g4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0
aliases CVE-2023-31062, GHSA-q5p5-xg93-2jqc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35x3-1q7f-eqcb
2
url VCID-dzjh-b3km-jycq
vulnerability_id VCID-dzjh-b3km-jycq
summary Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/pull/7836
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7836
2
reference_url https://lists.apache.org/thread/shvwwr6toqz5rr39rwh4k03z08sh9jmr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/shvwwr6toqz5rr39rwh4k03z08sh9jmr
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31101
reference_id CVE-2023-31101
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31101
4
reference_url https://github.com/advisories/GHSA-h79m-5cm2-278c
reference_id GHSA-h79m-5cm2-278c
reference_type
scores
url https://github.com/advisories/GHSA-h79m-5cm2-278c
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.7.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kc1h-rggv-y3g4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0
aliases CVE-2023-31101, GHSA-h79m-5cm2-278c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzjh-b3km-jycq
3
url VCID-phe3-ctkw-jfaw
vulnerability_id VCID-phe3-ctkw-jfaw
summary 
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. 
Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 to solve it.
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/pull/7891
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7891
2
reference_url https://lists.apache.org/thread/bv51zhjookcnfbz8b0xsl9wv78sn0j1p
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/bv51zhjookcnfbz8b0xsl9wv78sn0j1p
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31103
reference_id CVE-2023-31103
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31103
4
reference_url https://github.com/advisories/GHSA-7mhc-76hf-3jp9
reference_id GHSA-7mhc-76hf-3jp9
reference_type
scores
url https://github.com/advisories/GHSA-7mhc-76hf-3jp9
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.7.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kc1h-rggv-y3g4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0
aliases CVE-2023-31103, GHSA-7mhc-76hf-3jp9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phe3-ctkw-jfaw
4
url VCID-qfyn-8g2m-ryct
vulnerability_id VCID-qfyn-8g2m-ryct
summary 
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.

 [1] https://cveprocess.apache.org/cve5/[1]%C2%A0https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/pull/7891
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7891
2
reference_url https://lists.apache.org/thread/qb7zffo785wzpmsobjqcypodngw6kg6x
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/qb7zffo785wzpmsobjqcypodngw6kg6x
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31206
reference_id CVE-2023-31206
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31206
4
reference_url https://github.com/advisories/GHSA-f475-jgg3-3jwc
reference_id GHSA-f475-jgg3-3jwc
reference_type
scores
url https://github.com/advisories/GHSA-f475-jgg3-3jwc
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.7.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kc1h-rggv-y3g4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0
aliases CVE-2023-31206, GHSA-f475-jgg3-3jwc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyn-8g2m-ryct
5
url VCID-tnt8-a4ft-2ue5
vulnerability_id VCID-tnt8-a4ft-2ue5
summary 
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the
'autoDeserialize' option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick 

 https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 to solve it.
references
0
reference_url https://github.com/apache/inlong
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong
1
reference_url https://github.com/apache/inlong/pull/7674
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/inlong/pull/7674
2
reference_url https://lists.apache.org/thread/bkcgbn9l61croxfyspf7xd42qb189s3z
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/bkcgbn9l61croxfyspf7xd42qb189s3z
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-31058
reference_id CVE-2023-31058
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-31058
4
reference_url https://github.com/advisories/GHSA-c3rh-f2w5-fghm
reference_id GHSA-c3rh-f2w5-fghm
reference_type
scores
url https://github.com/advisories/GHSA-c3rh-f2w5-fghm
fixed_packages
0
url pkg:maven/org.apache.inlong/manager-pojo@1.7.0
purl pkg:maven/org.apache.inlong/manager-pojo@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kc1h-rggv-y3g4
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0
aliases CVE-2023-31058, GHSA-c3rh-f2w5-fghm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnt8-a4ft-2ue5
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.inlong/manager-pojo@1.7.0