In Apache Linkis <= 1.5.0,
Arbitrary file deletion in Basic management services on
A user with an administrator account could delete any file accessible by the Linkis system user
.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h | Mailing List Vendor Advisory |
Configurations
History
16 Aug 2024, 16:55
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h - Mailing List, Vendor Advisory | |
First Time |
Apache
Apache linkis |
|
CPE | cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.9 |
02 Aug 2024, 12:59
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Aug 2024, 10:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-02 10:16
Updated : 2024-08-16 16:55
NVD link : CVE-2024-27182
Mitre link : CVE-2024-27182
CVE.ORG link : CVE-2024-27182
JSON object : View
Products Affected
apache
- linkis
CWE
CWE-552
Files or Directories Accessible to External Parties