Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 11:46 a.m.12 views

CVE-2024-29178

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

8.8CVSS7.5AI score0.01239EPSS
Exploits0References1
NVD
NVD
added 2024/07/18 12:15 p.m.26 views

CVE-2024-29178

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

8.8CVSS0.01239EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/18 11:15 a.m.28 views

CVE-2024-29178 Apache StreamPark: FreeMarker SSTI RCE Vulnerability

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

0.01239EPSS
Exploits0References2
CVE
CVE
added 2024/07/18 11:15 a.m.48 views

CVE-2024-29178

Apache StreamPark before version 2.1.4 is affected by a FreeMarker SSTI vulnerability that an authenticated user can exploit to achieve Remote Code Execution on the server. Root cause: template injection via FreeMarker in the application, with high impact (CVE-2024-29178). Remediation: upgrade to...

8.8CVSS9AI score0.01239EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/07/18 11:15 a.m.12 views

CVE-2024-29178 Apache StreamPark: FreeMarker SSTI RCE Vulnerability

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

8.8CVSS6.1AI score0.01239EPSS
Exploits0References4
Rows per page
Query Builder