In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.
We recommend users upgrade the version of Linkis to version 1.3.2.
For versions
<=1.3.1, we suggest turning on the file path check switch in linkis.properties
`wds.linkis.workspace.filesystem.owner.check=true`
`wds.linkis.workspace.filesystem.path.check=true`
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-04-10T07:36:28.437Z
Updated: 2024-08-02T12:16:35.883Z
Reserved: 2023-03-04T10:46:35.079Z
Link: CVE-2023-27602
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-04-10T08:15:06.967
Modified: 2023-04-19T12:15:08.170
Link: CVE-2023-27602
Redhat
No data.