Lucene search
GoogleOSV:CVE-2021-37694HistoryAug 11, 2021 - 6:15 p.m.
CVE-2021-37694
2021-08-1118:15:07
Google
osv.dev
5
vulnerability
code injection
spring cloud stream
update advisory
@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigations available and all users are advised to update.
Related
gitlab
gitlab
Improper Control of Generation of Code ('Code Injection')
2021-08-25 00:00:00
prion
prion
Code injection
2021-08-11 18:15:00
cvelist
cvelist
CVE-2021-37694 Code injection issue for java-spring-cloud-stream-template
2021-08-11 17:25:09
osv
osv
Code injection issue for java-spring-cloud-stream-template
2021-08-25 14:45:52
github
github
Code injection issue for java-spring-cloud-stream-template
2021-08-25 14:45:52
cve
cve
CVE-2021-37694
2021-08-11 18:15:07
nvd
nvd
CVE-2021-37694
2021-08-11 18:15:07