CVE-2023-27602
In Apache Linkis <=1.3.1, The PublicService module uploads files without restrictions on the path to the uploaded files, and file types.
We recommend users upgrade the version of Linkis to version 1.3.2.
For versions
<=1.3.1, we suggest turning on the file path check switch in linkis.properties
wds.linkis.workspace.filesystem.owner.check=true
wds.linkis.workspace.filesystem.path.check=true
| Software | From | Fixed in |
|---|---|---|
| apache / linkis | - | 1.3.1.x |
org.apache.linkis / linkis
|
- | 1.3.2 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime