Plattform
java
Komponente
org.apache.linkis:linkis
Behoben in
1.7.1
1.8.0
CVE-2025-29847 is an Arbitrary File Access vulnerability discovered in Apache Linkis. This flaw allows attackers to potentially gain unauthorized access to system files through manipulated JDBC parameters. The vulnerability impacts versions of Apache Linkis from 1.3.0 up to and including 1.7.0. A fix is available in version 1.8.0.
An attacker exploiting CVE-2025-29847 could gain unauthorized access to system files within the Apache Linkis environment. This could lead to the exposure of sensitive configuration data, credentials, or even code. The ability to read arbitrary files significantly expands the attack surface, potentially enabling further exploitation and lateral movement within the network. While the description doesn't explicitly mention remote code execution, access to configuration files could be leveraged to modify Linkis behavior or inject malicious code. The scope of impact is broad, affecting any Linkis deployment using the JDBC engine and data source functionality with improperly encoded URLs.
CVE-2025-29847 was published on 2026-01-19. There is no indication of this vulnerability being added to the CISA KEV catalog or being actively exploited at this time. Public proof-of-concept (POC) code is currently unavailable, but the vulnerability's nature suggests that a relatively simple POC could be developed. The CVSS score of 7.5 (HIGH) indicates a significant potential for exploitation.
Organizations deploying Apache Linkis for data processing and analytics are at risk, particularly those relying on the JDBC engine for connecting to external data sources. Environments with legacy Linkis installations (versions 1.3.0 - 1.7.0) are especially vulnerable, as are those with complex JDBC configurations or inadequate input validation.
• java / server:
find /opt/linkis/logs -type f -name "*.log" | grep -i "JDBC URL contains multiple encoded characters"• generic web:
curl -I <linkis_jdbc_url_endpoint> | grep -i "URL-encoded characters"disclosure
Exploit-Status
EPSS
0.10% (28% Perzentil)
CVSS-Vektor
The primary mitigation for CVE-2025-29847 is to upgrade Apache Linkis to version 1.8.0 or later, which includes the necessary URL validation fix. If upgrading immediately is not feasible, a temporary workaround involves implementing stricter URL validation on the frontend. This should include checking for the presence of the '%' character in connection information and performing URL decoding before processing. Consider implementing a Web Application Firewall (WAF) rule to block requests with excessively encoded URLs. After upgrading, confirm the fix by attempting to connect with a URL containing multiple encoded characters and verifying that the access is denied.
Actualice Apache Linkis a la versión 1.8.0 o superior. Como alternativa, revise continuamente la información de conexión en busca del carácter '%' y realice la decodificación de URL si está presente para evitar el bypass de las comprobaciones del sistema.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-29847 is a HIGH severity vulnerability in Apache Linkis affecting versions ≤1.7.0. It allows attackers to access system files through manipulated JDBC URLs.
If you are running Apache Linkis versions 1.3.0 through 1.7.0, you are potentially affected by this vulnerability. Upgrade to 1.8.0 or implement the recommended workaround.
The recommended fix is to upgrade Apache Linkis to version 1.8.0 or later. As a temporary workaround, implement stricter checks on JDBC connection URLs to detect and reject encoded characters.
There is currently no public information indicating active exploitation of CVE-2025-29847, but the vulnerability's nature suggests it could be exploited.
Refer to the Apache Linkis security advisory for details: [https://linkis.apache.org/security/](https://linkis.apache.org/security/)
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine pom.xml-Datei hoch und wir sagen dir sofort, ob du betroffen bist.