CVE-2024-27182
Aug. 2, 2024, 12:59 p.m.
Tags
Product(s) Impacted
Apache Linkis
- <= 1.5.0
Description
In Apache Linkis <= 1.5.0, Arbitrary file deletion in Basic management services on A user with an administrator account could delete any file accessible by the Linkis system user . Users are recommended to upgrade to version 1.6.0, which fixes this issue.
Weaknesses
CWE-552
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.
CWE ID: 552Date
Published: Aug. 2, 2024, 10:16 a.m.
Last Modified: Aug. 2, 2024, 12:59 p.m.
Status : Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
security@apache.org
References
https://lists.apache.org/
security@apache.org