A moderate severity vulnerability (CVE-2025-27522) has been identified in Apache InLong affecting versions 1.13.0 to 2.1.0, allowing attackers to perform unauthorized actions through deserialization flaws. Organizations are urged to upgrade to version 2.2.0 or apply patches to prevent exploitation and safeguard sensitive data.
Key points
- The vulnerability is related to improper validation during serialized data processing in Apache InLong.
- It allows attackers to bypass security measures and potentially execute arbitrary code.
- The flaw impacts versions 1.13.0 through 2.1.0, with a fix available in version 2.2.0.
- Mitigation includes upgrading the software and implementing strict input validation.
- The CVSS score indicates a moderate to high risk, emphasizing the urgency of patching.
Read More: https://gbhackers.com/apache-inlong-jdbc-vulnerability/