In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module.
We recommend users upgrade the version of Linkis to version 1.5.0
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2024/03/06/2 | Mailing List |
https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo | Vendor Advisory |
http://www.openwall.com/lists/oss-security/2024/03/06/2 | Mailing List |
https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo | Vendor Advisory |
Configurations
History
07 May 2025, 15:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:* | |
First Time |
Apache
Apache linkis |
|
References | () http://www.openwall.com/lists/oss-security/2024/03/06/2 - Mailing List | |
References | () https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo - Vendor Advisory |
13 Feb 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0 |
21 Nov 2024, 08:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2024/03/06/2 - | |
References | () https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo - |
08 Nov 2024, 22:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary |
|
06 Mar 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-06 14:15
Updated : 2025-05-07 15:46
NVD link : CVE-2023-50740
Mitre link : CVE-2023-50740
CVE.ORG link : CVE-2023-50740
JSON object : View
Products Affected
apache
- linkis
CWE
CWE-532
Insertion of Sensitive Information into Log File