Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2024-37084
- EPSS 79.65%
- Published 25.07.2024 10:15:07
- Last modified 21.11.2024 09:23:09
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
7.2
CVE-2020-5427
- EPSS 1.05%
- Published 27.01.2021 18:15:13
- Last modified 21.11.2024 05:34:08
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
1