CVE-2024-26580
CVSS v3.1
9.1 (Critical)
EPSS
0.04 % (10th)
Advisories
1
NVD Status
Awaiting Analysis
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.8.0 through 1.10.0, the attackers can
use the specific payload to read from an arbitrary file. Users are advised to upgrade to Apache InLong's 1.11.0 or cherry-pick [1] to solve it.
Weaknesses
- CWE-502
- Deserialization of Untrusted Data
- CVE Status
- PUBLISHED
- NVD Status
- Awaiting Analysis
- CNA
- Apache Software Foundation
- Published Date
-
2024-03-06 12:15:45
(6 months ago) - Updated Date
-
2024-08-01 13:48:11
(6 weeks ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...