5 matches found
EUVD-2023-2094
Malicious code in bioql PyPI...
Apache StreamPark Insufficient Session Expiration Vulnerability
Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark versions prior to 2.1.4 suffer from a session expiration insufficiency vulnerability, which stems from the fact that the session is not expired after logging...
Apache StreamPark: maven build params could trigger remote command execution
In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in to the streampark system and...
Apache StreamPark: Unchecked maven build params could trigger remote command execution
In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in to the streampark system and...
Apache StreamPark SQL Injection Vulnerability (CNVD-2024-0217486)
Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit...