Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:51 a.m.5 views

CVE-2022-45802

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later...

9.8CVSS6.8AI score0.01308EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/01 2:4 p.m.25 views

CVE-2022-45802 Apache StreamPark (incubating): Upload any file to any directory

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later...

9.7AI score0.01308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/01 2:4 p.m.12 views

CVE-2022-45802 Apache StreamPark (incubating): Upload any file to any directory

Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later...

9.4AI score0.01308EPSS
Exploits0References1
CVE
CVE
added 2023/05/01 2:4 p.m.60 views

CVE-2022-45802

CVE-2022-45802 (Apache StreamPark) : The vulnerability stems from a lack of mandatory verification of uploaded files when users submit jars as applications, which can permit uploading high-risk files and potentially placing them in arbitrary directories. This aligns with reported path traversal c...

9.8CVSS9.5AI score0.01308EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder