CVE-2023-50740
MEDIUM5.3EPSS 0.16%Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged
發布日:2024/3/6修改日:2025/2/13
描述
In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0
受影響套件(1)
- Maven/org.apache.linkis:linkisfrom 0, < 1.5.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
參考連結(5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-50740
- PATCHhttps://github.com/apache/linkis
- WEBhttps://github.com/apache/linkis/commit/08cbcfca140afebae10e1582ee87721578719ded
- WEBhttps://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo
- WEBhttp://www.openwall.com/lists/oss-security/2024/03/06/2