Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-p528-3mvf-gr87: Remote code execution in Spring Cloud Data Flow

In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server

ghsa
#git#rce

Remote code execution in Spring Cloud Data Flow

Critical severity GitHub Reviewed Published Jul 25, 2024 to the GitHub Advisory Database • Updated Jul 25, 2024

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission