1. Home
  2. Vulnerabilities
  3. CVE-2024-26580

CVE-2024-26580

CVSS v3.1 9.1 (Critical)
91% Progress
EPSS 0.04 % (10th)
0.04% Progress
Advisories 1
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Graph Web & Social Timeline

Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.8.0 through 1.10.0, the attackers can

use the specific payload to read from an arbitrary file. Users are advised to upgrade to Apache InLong's 1.11.0 or cherry-pick [1] to solve it.

[1] https://github.com/apache/inlong/pull/9673

Weaknesses
CWE-502
Deserialization of Untrusted Data
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Apache Software Foundation
Published Date
2024-03-06 12:15:45
(6 months ago)
Updated Date
2024-08-01 13:48:11
(6 weeks ago)