2.0.0
3 years ago
2 months ago
Known vulnerabilities in the org.apache.inlong:manager-service package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource that allows attackers to bind clusters that they do not own. This is due to missing authentication for binding operations, which could expose data to the attacker. How to fix Incorrect Permission Assignment for Critical Resource? Upgrade | [1.2.0-incubating,1.7.0) |
Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource that allows users to delete other users' subscriptions. This is an integrity violation in that it allows operations on resources not owned by the user. And it impacts availability to only some functionality for some users. How to fix Incorrect Permission Assignment for Critical Resource? Upgrade | [1.2.0-incubating,1.7.0) |