CVE-2023-50740

CVE-2023-50740: Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged

Vendor Apache Software Foundation

Product Apache Linkis DataSource

Weakness CWE-532 · Sensitive info in logs

Published March 6, 2024

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0

Key dates

Disclosure timeline

March 6, 2024 CVE published

February 13, 2025 Record updated