[MAVEN:GHSA-8M84-H9HH-3CFH] Apache SeaTunnel SQL Injection vulnerability
Severity
High
Affected Packages
1
Fixed Packages
1
CVEs
1
Mysql security vulnerability in Apache SeaTunnel.
Attackers can read files on the MySQL server by modifying the information in the MySQL URL
allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360
This issue affects Apache SeaTunnel: 1.0.0.
Users are recommended to upgrade to version [1.0.1], which fixes the issue.
| Package | Affected Version |
|---|---|
 pkg:maven/org.apache.seatunnel/seatunnel
|
= 1.0.0 |
| Package | Fixed Version |
|---|---|
|
pkg:maven/org.apache.seatunnel/seatunnel
|
= 1.0.1 |
- ID
- MAVEN:GHSA-8M84-H9HH-3CFH
- Severity
- high
- URL
- https://github.com/advisories/GHSA-8m84-h9hh-3cfh
- Published
-
2024-08-21T12:30:25
(4 weeks ago) - Modified
-
2024-08-21T20:10:15
(4 weeks ago) - Rights
- Maven Security Team
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |