CVE-2023-50740

EUVD-2024-0960
In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. 
We recommend users upgrade the version of Linkis to version 1.5.0
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA-ADPADP
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
apachelinkis
𝑥
< 1.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2024/03/06/2
https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo
http://www.openwall.com/lists/oss-security/2024/03/06/2
https://lists.apache.org/thread/5o342chnpyd6rps68ygzfkzycxl998yo