Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spring_cloud_data_flow
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-07-25 | CVE-2024-37084 | In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server | Spring_cloud_data_flow | 8.8 | ||
| 2021-01-27 | CVE-2020-5427 | In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution. | Spring_cloud_data_flow | 7.2 |