{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T17:17:27.877030200Z","vulnerabilities":[{"cve":{"id":"CVE-2023-43667","sourceIdentifier":"security@apache.org","published":"2023-10-16T09:15:10.500","lastModified":"2025-06-16T17:15:26.830","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit\nand trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it.\n\n[1]  https://github.com/apache/inlong/pull/8628"},{"lang":"es","value":"Neutralización Inadecuada de Elementos Especiales utilizados en una vulnerabilidad de Comando SQL ('inyección SQL') en Apache InLong. Este problema afecta a Apache InLong: desde la versión 1.4.0 hasta la 1.8.0, el atacante puede crear registros engañosos o falsos, lo que dificulta la auditoría y rastrear actividades maliciosas. Se recomienda a los usuarios actualizar a Apache InLong 1.8.0 o al cherry-pick [1] para resolverlo. \n[1] https://github.com/apache/inlong/pull/8628"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*","versionStartIncluding":"1.4.0","versionEndIncluding":"1.8.0","matchCriteriaId":"419D6A8F-7C90-47D0-9780-FB3C0EE88FE2"}]}]}],"references":[{"url":"https://lists.apache.org/thread/spnb378g268p1f902fr9kqyph2k8n543","source":"security@apache.org","tags":["Mailing List"]},{"url":"https://lists.apache.org/thread/spnb378g268p1f902fr9kqyph2k8n543","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]}]}}]}