Headline
GHSA-6523-jf4r-c962: Apache StreamPipes has potential remote code execution (RCE) via file upload
Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users.
This issue affects Apache StreamPipes: through 0.93.0.
Users are recommended to upgrade to version 0.95.0, which fixes the issue.
Apache StreamPipes has potential remote code execution (RCE) via file upload
High severity GitHub Reviewed Published Jul 17, 2024 to the GitHub Advisory Database • Updated Jul 18, 2024