6 matches found
CVE-2020-17518
creationtimestamp| type| source ---|---|--- 2025-01-12 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-01-12 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-14 00:00:00+00:00| seen| The Shadowserver...
VulnCheck KEV: CVE-2020-17518
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...
Moderate: Red Hat Security Advisory: Red Hat Integration Camel Quarkus Tech-Preview 2 security update
An update to the Red Hat Integration Camel Quarkus tech preview is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...
Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.4 release and security update
A minor version update from 1.3 to 1.4 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...
Apache Flink Directory Traversal (CVE-2020-17518; CVE-2020-17519)
A directory traversal vulnerability exists in Apache Flink. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
CVE-2020-17518
CVE-2020-17518 affects Apache Flink 1.5.1. A REST file upload handler allowed an attacker to write a file to an arbitrary location on the local filesystem by manipulating the HTTP header (directory-traversal via file upload). The issue is mitigated by upgrading Flink to 1.11.3 or 1.12.0 (where th...