CVE-2023-51784

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick %5b.%5d to solve it.

%5b.%5d https://github.com/apache/inlong/pull/9329

CVSS Version 3.1

nvd
CVE ID: CVE-2023-51784
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9

Refrence: NVD MITRE

Description​

Description