THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2023-50740

Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged

Assignerapache
Reserved2023-12-12
Published2024-03-06
Updated2024-07-09

Description

In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module.  We recommend users upgrade the version of Linkis to version 1.5.0

Problem types

CWE-532 Insertion of Sensitive Information into Log File

Product status

Default status
unaffected

* before 1.5.0
affected

Credits

Jonathan Leitschuh reporter

References

https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo vendor-advisory

http://www.openwall.com/lists/oss-security/2024/03/06/2

cve.org CVE-2023-50740

nvd.nist.gov CVE-2023-50740

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-50740
© Copyright 2024 THREATINT. Made in Cyprus with +