Code Injection
Apache Flink is vulnerable to Code Injection. The vulnerability is due to improper escaping of user-controlled strings during SQL code generation, which allows an authenticated attacker to inject arbitrary Java code and execute it on TaskManagers through specially crafted SQL queries...