CVE-2023-31206

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-668
View all →

Vulnerability Description

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it. [1] https://cveprocess.apache.org/cve5/[1]%C2%A0https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891 https://github.com/apache/inlong/pull/7891

Related Vulnerabilities

CVE-2015-10004

HIGH
CVSS:7.5(High)

Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine th...

CWE-6682015

CVE-2015-9550

HIGH
CVSS:7.5(High)

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to op...

CWE-6682015

CVE-2017-11382

HIGH
CVSS:7.5(High)

Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. Formerly ...

CWE-6682017

CVE-2017-18073

HIGH
CVSS:7.5(High)

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, th...

CWE-6682017

CVE-2017-6100

HIGH
CVSS:7.5(High)

tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.

CWE-6682017

CVE-2018-6910

HIGH
CVSS:7.5(High)

DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php.

CWE-6682018