CVE-2024-36268

NVD Published Date: August 02, 2024 at 10:16 AM
NVD Last Modified: August 27, 2024 at 05:19 PM
Download Patch
Vulnerability ID
CVE-2024-36268
Severity
CRITICAL
Severity Score
9.8
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.13.0 or cherry-pick [1] to solve it. [1]  https://github.com/apache/inlong/pull/10251
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-94

Recent Publish

CVE-2024-40721

CVE-2024-40723

CVE-2024-40720

CVE-2024-38876

CVE-2024-38878

CVE-2024-6704

See SecOps Solution
in action

Schedule Demo