In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CPE | Name | Operator | Version |
---|---|---|---|
spring_cloud_data_flow | ge | 2.5.0 | |
spring_cloud_data_flow | lt | 2.5.4 | |
spring_cloud_data_flow | ge | 2.6.0 | |
spring_cloud_data_flow | lt | 2.6.5 |