CVE-2023-27602

CVE-2023-27602

In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.

We recommend users upgrade the version of Linkis to version 1.3.2. 

For versions

<=1.3.1, we suggest turning on the file path check switch in linkis.properties

`wds.linkis.workspace.filesystem.owner.check=true`
`wds.linkis.workspace.filesystem.path.check=true`

Source: CVE-2023-27602

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다