Search for packages
| purl | pkg:maven/org.apache.inlong/manager-web@1.4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-19bg-p9mx-r7gg
Aliases: CVE-2023-31066 GHSA-wx79-r3q8-fq9h |
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7775 https://github.com/apache/inlong/pull/7775 to solve it. |
Affected by 0 other vulnerabilities. |
|
VCID-242d-6bdt-9kbv
Aliases: CVE-2023-31065 GHSA-757p-7hp5-pqmr |
Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836, https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it. |
Affected by 0 other vulnerabilities. |
|
VCID-phe3-ctkw-jfaw
Aliases: CVE-2023-31103 GHSA-7mhc-76hf-3jp9 |
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 to solve it. |
Affected by 0 other vulnerabilities. |
|
VCID-qfyn-8g2m-ryct
Aliases: CVE-2023-31206 GHSA-f475-jgg3-3jwc |
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it. [1] https://cveprocess.apache.org/cve5/[1]%C2%A0https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:45:18.126582+00:00 | GitLab Importer | Affected by | VCID-qfyn-8g2m-ryct | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.inlong/manager-web/CVE-2023-31206.yml | 38.6.0 |
| 2026-06-02T04:45:17.172338+00:00 | GitLab Importer | Affected by | VCID-phe3-ctkw-jfaw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.inlong/manager-web/CVE-2023-31103.yml | 38.6.0 |
| 2026-06-02T04:45:17.011305+00:00 | GitLab Importer | Affected by | VCID-19bg-p9mx-r7gg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.inlong/manager-web/CVE-2023-31066.yml | 38.6.0 |
| 2026-06-02T04:45:16.849781+00:00 | GitLab Importer | Affected by | VCID-242d-6bdt-9kbv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.inlong/manager-web/CVE-2023-31065.yml | 38.6.0 |