Bounties
Partners
Community
Info
apache / inlong
Project repository
Apache InLong - a one-stop, full-scenario integration framework for massive data
Submit a report
FIRST INTERACTION
WITHIN
1 DAY
REVIEW
WITHIN
24 DAYS
FIX
WITHIN
45 DAYS
IDOR make users can delete others' subscription
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31453
CVE-2023-31453
IDOR make users can bind any cluster
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31454
CVE-2023-31454
attackers can change the immutable name and type of cluster
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31103
CVE-2023-31103
attack can change the immutable name and type of nodes
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31206
CVE-2023-31206
Users who joined later can see the data of deleted users
May 22nd 2023
lujiefsi
•
Medium
Medium
•
CVE-2023-31101
CVE-2023-31101
IDOR make one user can stop, start , delete, edit others' source
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31066
CVE-2023-31066
IDOR make users can withdraw other's application
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31064
CVE-2023-31064
Insufficient Session Expiration
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31065
CVE-2023-31065
Weak Password Implimentation
May 22nd 2023
lujiefsi
•
High
High
•
CVE-2023-31098
CVE-2023-31098
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
