- Description
- Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11747
- Source
- security@apache.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- CRITICAL
- security@apache.org
- CWE-502
- Hype score
- Not currently trending
CVE-2025-27528 (CVSS:9.1, CRITICAL) is Awaiting Analysis. Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through..https://t.co/uF4NzW8fzV #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
2 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-27528 ⚠️🔴 CRITICAL (9.1) 🏢 Apache Software Foundation - Apache InLong 🏗️ 1.13.0 🔗 https://t.co/FsE90E9wDq 🔗 https://t.co/7HT9w6BHOB #CyberCron #VulnAlert #InfoSec https://t.co/9cJErBG0zS
@cybercronai
29 May 2025
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27528: Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read https://t.co/5xw3kSvy8a
@superstubbs
29 May 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache InLong JDBC Vulnerability CVE-2025-27522: during verification processing https://t.co/ujSL1y8GeJ CVE-2025-27526: for URLEncode and backspace bypass https://t.co/6nQWQhL0ye CVE-2025-27528: for Invisible Character Bypass Leading to Arbitrary File Read https://t.co/hVdlIQG3at
@oss_security
28 May 2025
229 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBE3933A-B8FF-4352-817C-AA8F96DB4434",
"versionEndExcluding": "2.2.0",
"versionStartIncluding": "1.13.0"
}
],
"operator": "OR"
}
]
}
]