CVE-2024-39928

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-39928
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39928.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-39928
Aliases
Published
2024-09-25T01:15:40Z
Modified
2025-05-19T21:06:33Z
Summary
[none]
Details

In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue.

References

Affected packages

Git / github.com/apache/incubator-linkis

Affected ranges

Type
GIT
Repo
https://github.com/apache/incubator-linkis
Events