Homepage
About Snyk

org.apache.inlong:manager-service@1.2.0-incubating vulnerabilities

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.apache.inlong:manager-service package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Incorrect Permission Assignment for Critical Resource

Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource that allows attackers to bind clusters that they do not own. This is due to missing authentication for binding operations, which could expose data to the attacker.

How to fix Incorrect Permission Assignment for Critical Resource?

Upgrade org.apache.inlong:manager-service to version 1.7.0 or higher.

[1.2.0-incubating,1.7.0)
  • M
Incorrect Permission Assignment for Critical Resource

Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource that allows users to delete other users' subscriptions. This is an integrity violation in that it allows operations on resources not owned by the user. And it impacts availability to only some functionality for some users.

How to fix Incorrect Permission Assignment for Critical Resource?

Upgrade org.apache.inlong:manager-service to version 1.7.0 or higher.

[1.2.0-incubating,1.7.0)
Go back to all versions of this package