apache/inlong

apache/inlong

inlong.apache.org

Releases31

Frequency1 month 3 weeks

Last Release 26 days ago

Stars1.49K

Apache InLong - a one-stop, full-scenario integration framework for massive data

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-27522 ↗	May 28, 2025Wednesday, 28 May 2025, 08:15	6.5 MEDIUM	—
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11732
CVE-2025-27526 ↗	May 28, 2025Wednesday, 28 May 2025, 08:15	6.5 MEDIUM	—
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which can lead to JDBC Vulnerability URLEncdoe and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11747
CVE-2025-27528 ↗	May 28, 2025Wednesday, 28 May 2025, 08:15	9.1 CRITICAL	—
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11747