{
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09"
      },
      "title": "Engine material management Arbitrary file deletion vulnerability",
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-552 Files or Directories Accessible to External Parties",
              "lang": "en",
              "cweId": "CWE-552",
              "type": "CWE"
            }
          ]
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "affected": [
        {
          "vendor": "Apache Software Foundation",
          "product": "Apache Linkis  Basic management services",
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "packageName": "org.apache.linkis:linkis-pes-publicservice",
          "versions": [
            {
              "status": "affected",
              "version": "1.3.2",
              "lessThan": "1.6.0",
              "versionType": "maven"
            }
          ],
          "defaultStatus": "unaffected"
        }
      ],
      "descriptions": [
        {
          "value": "\nIn Apache Linkis <= 1.5.0,\n\nArbitrary file deletion in Basic management services on \n\nA user with an administrator account could delete any file accessible by the Linkis system user\n\n.\nUsers are recommended to upgrade to version 1.6.0, which fixes this issue.\n\n",
          "lang": "en",
          "supportingMedia": [
            {
              "type": "text/html",
              "base64": false,
              "value": "\n\n\n\nIn Apache Linkis &lt;= 1.5.0,\n\nArbitrary file deletion in Basic management services on \n\n<span style=\"background-color: rgb(255, 255, 255);\">A user with an administrator account could delete any file accessible by the Linkis system user</span>\n\n.<br>Users are recommended to upgrade to version 1.6.0, which fixes this issue.\n\n"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://lists.apache.org/thread/2of1p433h8rbq2bx525rtftnk19oz38h",
          "tags": [
            "vendor-advisory"
          ]
        }
      ],
      "metrics": [
        {
          "other": {
            "type": "Textual description of severity",
            "content": {
              "text": "important"
            }
          }
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "superx",
          "type": "reporter"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "cveId": "CVE-2024-27182",
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "serial": 1,
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0"
}