CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27603

In Apache Linkis <=1.3.1, due to the Manager module engineConn material upload does not check the zip path, This is a Zip Slip issue, which will lead to a potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.3%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2023-27603

Apache » Linkis » Version: 0.10.0

cpe:2.3:a:apache:linkis:0.10.0
Apache » Linkis » Version: 0.11.0

cpe:2.3:a:apache:linkis:0.11.0
Apache » Linkis » Version: 0.5.0

cpe:2.3:a:apache:linkis:0.5.0
Apache » Linkis » Version: 0.6.0

cpe:2.3:a:apache:linkis:0.6.0
Apache » Linkis » Version: 0.7.0

cpe:2.3:a:apache:linkis:0.7.0
Apache » Linkis » Version: 0.8.0

cpe:2.3:a:apache:linkis:0.8.0
Apache » Linkis » Version: 0.9.0

cpe:2.3:a:apache:linkis:0.9.0
Apache » Linkis » Version: 0.9.1

cpe:2.3:a:apache:linkis:0.9.1
Apache » Linkis » Version: 0.9.2

cpe:2.3:a:apache:linkis:0.9.2
Apache » Linkis » Version: 0.9.3

cpe:2.3:a:apache:linkis:0.9.3
Apache » Linkis » Version: 0.9.4

cpe:2.3:a:apache:linkis:0.9.4
Apache » Linkis » Version: 1.0.0

cpe:2.3:a:apache:linkis:1.0.0
Apache » Linkis » Version: 1.0.1

cpe:2.3:a:apache:linkis:1.0.1
Apache » Linkis » Version: 1.0.2

cpe:2.3:a:apache:linkis:1.0.2
Apache » Linkis » Version: 1.0.3

cpe:2.3:a:apache:linkis:1.0.3
Apache » Linkis » Version: 1.1.0

cpe:2.3:a:apache:linkis:1.1.0
Apache » Linkis » Version: 1.1.1

cpe:2.3:a:apache:linkis:1.1.1
Apache » Linkis » Version: 1.1.2

cpe:2.3:a:apache:linkis:1.1.2
Apache » Linkis » Version: 1.1.3

cpe:2.3:a:apache:linkis:1.1.3
Apache » Linkis » Version: 1.2.0

cpe:2.3:a:apache:linkis:1.2.0
Apache » Linkis » Version: 1.3.0

cpe:2.3:a:apache:linkis:1.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27603

Products

Pricing

Contact Us