CVE-2023-27603

CVSS V2 None CVSS V3 None
Description
In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2.
Overview
  • CVE ID
  • CVE-2023-27603
  • Assigner
  • security@apache.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-10T08:15:07
  • Last Modified Date
  • 2023-04-14T19:45:47
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:apache:linkis:*:*:*:*:*:*:*:* 1 OR 1.3.1
References
History
Created Old Value New Value Data Type Notes
2023-04-17 04:25:15 Added to TrackCVE
2023-04-17 04:25:18 Weakness Enumeration new