Apache Software Foundation Apache Inlong Tubemq Client vulnerabilities

1 known vulnerability affecting apache_software_foundation/apache_inlong_tubemq_client.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1

Vulnerabilities

Page 1 of 1

CVE-2024-36268CRITICALCVSS 9.8≥ 1.10.0, ≤ 1.12.02024-08-02

CVE-2024-36268 [CRITICAL] CWE-94 CVE-2024-36268: Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issu Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.13.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/10251