oss-sec mailing list archives

CVE-2025-27531: Apache InLong: An arbitrary file read vulnerability for JDBC


From: Charles Zhang <dockerzhang () apache org>
Date: Fri, 28 Feb 2025 04:04:18 +0000

Severity: moderate

Affected versions:

- Apache InLong 1.13.0 before 2.1.0

Description:

Deserialization of Untrusted Data vulnerability in Apache InLong. 

This issue affects Apache InLong: from 1.13.0 before 2.1.0. This can lead to a bypass by double writing the param.

Users are recommended to upgrade to version 2.1.0, which fixes the issue.

Credit:

Ming (finder)

References:

https://inlong.apache.org
https://www.cve.org/CVERecord?id=CVE-2025-27531

