Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences.

Users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8109 to solve it.

Affected Packages

Maven org.apache.inlong:inlong-manager

Affected versions: 1.4.0 (fixed in 1.8.0)

Related CVEs

CVE-2023-34189

Key Information

GHSA ID

GHSA-86pw-4rqp-6x7v

Published

July 25, 2023 9:30 AM

Last Modified

February 13, 2025 7:01 PM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

org.apache.inlong:inlong-manager

GitHub Reviewed

✓ Yes

Dataset

Last updated: June 14, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.