Lucene search
K

187 matches found

cve
cve
added 2023/05/01 2:4 p.m.61 views

CVE-2022-45802

CVE-2022-45802 (Apache StreamPark) : The vulnerability stems from a lack of mandatory verification of uploaded files when users submit jars as applications, which can permit uploading high-risk files and potentially placing them in arbitrary directories. This aligns with reported path traversal c...

9.8CVSS9.5AI score0.01308EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/05/01 12:0 a.m.3 views

PT-2023-14756 · Apache · Apache Streampark

Name of the Vulnerable Software and Affected Versions: Apache StreamPark versions prior to 2.0.0 Description: The issue allows any user to upload a jar as an application without mandatory verification of the uploaded file type. This enables users to upload high-risk files and potentially upload...

9.8CVSS7.1AI score0.01308EPSS
Exploits0References9
cnnvd
cnnvd
added 2023/05/01 12:0 a.m.4 views

Apache StreamPark 代码问题漏洞

Apache StreamPark is a streaming media application development framework from the Apache Foundation. Apache StreamPark suffers from a code issue vulnerability that stems from allowing any user to upload a jar as an application, but not forcing validation of the uploaded file type, leading to the...

9.8CVSS8.6AI score0.01308EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/05/01 12:0 a.m.8 views

Apache StreamPark 输入验证错误漏洞

Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from an input validation error vulnerability that stems from the fact that when a user modifies his or her profile, the username is passed as a paramet...

9.1CVSS6.8AI score0.01475EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/05/01 12:0 a.m.3 views

Apache StreamPark 注入漏洞

Apache StreamPark is a streaming media application development framework from the Apache Foundation. Apache StreamPark suffers from an injection vulnerability that stems from the presence of an LDAP injection vulnerability...

5.4CVSS5.7AI score0.01103EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/05/01 12:0 a.m.3 views

PT-2023-14915 · Apache · Apache Streampark

Name of the Vulnerable Software and Affected Versions: Apache StreamPark versions 1.0.0 through 1.0.0 Description: The issue arises when a user successfully logs in and attempts to modify their profile. The username is passed to the server-layer as a parameter but is not verified to ensure it...

9.1CVSS7.1AI score0.01475EPSS
Exploits0References12
ptsecurity
ptsecurity
added 2022/11/23 12:0 a.m.4 views

PT-2022-6585 · Apache · Apache Streampark

Name of the Vulnerable Software and Affected Versions: Apache StreamPark versions 1.0.0 through 2.0.0 Description: The issue is related to an LDAP injection vulnerability, which is an attack used to exploit web-based applications that construct LDAP statements based on user input. When an...

5.5CVSS5.7AI score0.01103EPSS
Exploits0References10
Rows per page
Query Builder