Lucene search
China National Vulnerability DatabaseCNVD-2023-72238HistoryMay 08, 2023 - 12:00 a.m.
Apache StreamPark Input Validation Error Vulnerability
2023-05-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
apache streampark
input validation error
user profile modification
server layer
united states
streaming media application
development framework
vulnerability
username parameter
currently logged in user
cnvd
0.002 Low
EPSS
Percentile
52.7%
Apache StreamPark is the United States Apache (Apache) Foundation of a streaming media application development framework. Apache StreamPark suffers from an input validation error vulnerability that stems from the fact that when a user modifies his or her profile, the username is passed as a parameter to the server layer without validating that the username is the currently logged in user. No details of the vulnerability are provided at this time.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache streampark >=1.0.0, | lt | 2.0.0 |
Related
cve
cve
CVE-2022-46365
2023-05-01 15:15:09
github
github
Apache StreamPark Improper Input Validation vulnerability
2023-07-06 19:24:19
nvd
nvd
CVE-2022-46365
2023-05-01 15:15:09
prion
prion
Code injection
2023-05-01 15:15:00
veracode
veracode
Improper Input Validation
2023-05-08 10:46:10
osv
osv
Apache StreamPark Improper Input Validation vulnerability
2023-07-06 19:24:19
cvelist
cvelist