| |
Vulnerability CVE-2023-29216
Published: 2023-04-10
| Description: |
In Apache Linkis <=1.3.1, because the parameters are not
effectively filtered, the attacker uses the MySQL data source and malicious parameters to
configure a new data source to trigger a deserialization vulnerability, eventually leading to
remote code execution.
Versions of Apache Linkis <= 1.3.0 will be affected.
We recommend users upgrade the version of Linkis to version 1.3.2.
|
Type:
CWE-502 (Deserialization of Untrusted Data)
References: |
https://lists.apache.org/thread/18vv0m32oy51nzk8tbz13qdl5569y55l
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|