In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2.
History

Tue, 22 Oct 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-04-10T07:36:50.250Z

Updated: 2024-10-22T15:24:50.114Z

Reserved: 2023-03-04T10:49:03.741Z

Link: CVE-2023-27603

cve-icon Vulnrichment

Updated: 2024-08-02T12:16:36.515Z

cve-icon NVD

Status : Modified

Published: 2023-04-10T08:15:07.133

Modified: 2024-11-21T07:53:14.660

Link: CVE-2023-27603

cve-icon Redhat

No data.