org.apache.inlong:manager-service@1.2.0-incubating vulnerabilities

  • latest version

    2.0.0

  • latest non vulnerable version

  • first published

    3 years ago

  • latest version published

    2 months ago

  • licenses detected

  • package manager

  • Direct Vulnerabilities

    Known vulnerabilities in the org.apache.inlong:manager-service package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Incorrect Permission Assignment for Critical Resource

    Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource that allows attackers to bind clusters that they do not own. This is due to missing authentication for binding operations, which could expose data to the attacker.

    How to fix Incorrect Permission Assignment for Critical Resource?

    Upgrade org.apache.inlong:manager-service to version 1.7.0 or higher.

    [1.2.0-incubating,1.7.0)
    • M
    Incorrect Permission Assignment for Critical Resource

    Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource that allows users to delete other users' subscriptions. This is an integrity violation in that it allows operations on resources not owned by the user. And it impacts availability to only some functionality for some users.

    How to fix Incorrect Permission Assignment for Critical Resource?

    Upgrade org.apache.inlong:manager-service to version 1.7.0 or higher.

    [1.2.0-incubating,1.7.0)