oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2023-50740: Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged

From: Heping Wang <peacewong () apache org>
Date: Wed, 06 Mar 2024 13:27:54 +0000
Severity: moderate

Affected versions:

- Apache Linkis DataSource * before 1.5.0

Description:

In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data 
source module. 
We recommend users upgrade the version of Linkis to version 1.5.0

Credit:

Jonathan Leitschuh (reporter)

References:

https://linkis.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-50740
Previous By Date Next
Previous By Thread Next

Current thread: