Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-39928

In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.2%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2024-39928
  • Apache » Linkis » Version: 1.3.0
    cpe:2.3:a:apache:linkis:1.3.0
  • Apache » Linkis » Version: 1.3.2
    cpe:2.3:a:apache:linkis:1.3.2
  • Apache » Linkis » Version: 1.4.0
    cpe:2.3:a:apache:linkis:1.4.0
  • Apache » Linkis » Version: 1.5.0
    cpe:2.3:a:apache:linkis:1.5.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved