You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Apache InLong Deserialization of Untrusted Data Vulnerability
High severity
GitHub Reviewed
Published
Jul 6, 2023
to the GitHub Advisory Database
•
Updated Nov 10, 2023
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the autoDeserialize option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick apache/inlong#7674 to solve it.
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the
autoDeserialize
option filtering by adding blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick apache/inlong#7674 to solve it.References