- Description
- Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11732
- Source
- security@apache.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- security@apache.org
- CWE-502
- Hype score
- Not currently trending
آسیبپذیری جدید در Apache InLong JDBC (CVE-2025-27522) کشف شد! نسخههای ۱.۱۳.۰ تا ۲.۱.۰ در خطر دسترسی غیرمجازند. سریع به نسخه ۲.۲.۰ آپدیت کنید یا وصله رو اعمال کنید. #امنیت #
@realkourosh_1
1 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ ثغرة خطيرة تضرب Apache InLong وتعرّض الأنظمة لاختراق كامل عن بُعد! فيه ثغرة جديدة تم الكشف عنها مؤخرًا (CVE-2025-27522) في منصة Apache InLong، واللي بتُستخدم في نقل البيا
@hiddenlockT
1 Jun 2025
199 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
A new vulnerability (CVE-2025-27522) affects Apache InLong versions 1.13.0 to 2.1.0, risking remote code execution through insecure deserialization during JDBC verification. Updating to 2.2.0 or patching is crucial. ⚠️ #Security #Australia https://t.co/HvIF2Za5fi
@TweetThreatNews
30 May 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A moderate CVE-2025-27522 vulnerability affects Apache InLong versions 1.13.0 to 2.1.0, allowing deserialization attacks that could lead to remote code execution. Upgrade to 2.2.0 to stay protected. ⚠️ #DataSecurity #InLong #China https://t.co/5bSGNEcjl3
@TweetThreatNews
30 May 2025
47 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27522 Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mini… https://t.co/FEDxrx0ntq
@CVEnew
28 May 2025
515 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache InLong JDBC Vulnerability CVE-2025-27522: during verification processing https://t.co/ujSL1y8GeJ CVE-2025-27526: for URLEncode and backspace bypass https://t.co/6nQWQhL0ye CVE-2025-27528: for Invisible Character Bypass Leading to Arbitrary File Read https://t.co/hVdlIQG3at
@oss_security
28 May 2025
229 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBE3933A-B8FF-4352-817C-AA8F96DB4434",
"versionEndExcluding": "2.2.0",
"versionStartIncluding": "1.13.0"
}
],
"operator": "OR"
}
]
}
]