Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-6523-jf4r-c962: Apache StreamPipes has potential remote code execution (RCE) via file upload

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users.

This issue affects Apache StreamPipes: through 0.93.0.

Users are recommended to upgrade to version 0.95.0, which fixes the issue.

ghsa
#vulnerability#apache#git#rce#auth

Apache StreamPipes has potential remote code execution (RCE) via file upload

High severity GitHub Reviewed Published Jul 17, 2024 to the GitHub Advisory Database • Updated Jul 18, 2024

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission