In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability.
We recommend users upgrade the version of Linkis to version 1.3.2.
Metrics
Affected Vendors & Products
References
History
Tue, 22 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-04-10T07:36:50.250Z
Updated: 2024-10-22T15:24:50.114Z
Reserved: 2023-03-04T10:49:03.741Z
Link: CVE-2023-27603
Vulnrichment
Updated: 2024-08-02T12:16:36.515Z
NVD
Status : Modified
Published: 2023-04-10T08:15:07.133
Modified: 2024-10-22T16:35:10.000
Link: CVE-2023-27603
Redhat
No data.