What is the severity of CVE-2023-51784?

CVE-2023-51784 is a high severity vulnerability that can lead to remote code execution in affected versions of Apache InLong.

How do I fix CVE-2023-51784?

To fix CVE-2023-51784, users should upgrade Apache InLong to version 1.10.0 or later.

Which versions of Apache InLong are affected by CVE-2023-51784?

CVE-2023-51784 affects Apache InLong versions from 1.5.0 up to 1.9.0.

What type of vulnerability is CVE-2023-51784?

CVE-2023-51784 is identified as a Code Injection vulnerability.

Is there a workaround for CVE-2023-51784?

There are no known workarounds for CVE-2023-51784; upgrading is the recommended solution.

Vulnerability/
CVE-2023-51784

critical

9.8

CWE

3/1/2024

13/2/2025

CVE-2023-51784: Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager

First published: Wed Jan 03 2024(Updated: )

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/9329

Credit: security@apache.org

Affected Software	Affected Version	How to fix
maven/org.apache.inlong:manager-pojo	>=1.5.0<1.10.0	1.10.0
Apache InLong	>=1.5.0<1.10.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-51784?
CVE-2023-51784 is a high severity vulnerability that can lead to remote code execution in affected versions of Apache InLong.
How do I fix CVE-2023-51784?
To fix CVE-2023-51784, users should upgrade Apache InLong to version 1.10.0 or later.
Which versions of Apache InLong are affected by CVE-2023-51784?
CVE-2023-51784 affects Apache InLong versions from 1.5.0 up to 1.9.0.
What type of vulnerability is CVE-2023-51784?
CVE-2023-51784 is identified as a Code Injection vulnerability.
Is there a workaround for CVE-2023-51784?
There are no known workarounds for CVE-2023-51784; upgrading is the recommended solution.

agent/references
agent/type
agent/first-publish-date
collector/oss-sec
source/oss-sec
alias/CVE-2023-51784
agent/author
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
agent/title
agent/weakness
agent/description
collector/github-advisory
source/GitHub
alias/GHSA-9xg9-hh45-xcm6
collector/nvd-cve
agent/softwarecombine
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/github-advisory-latest
vendor/apache
canonical/apache inlong
version/apache inlong/1.5.0
package-manager/maven

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.