Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/14 11:46 a.m.12 views

CVE-2024-29178

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

8.8CVSS7.5AI score0.01239EPSS
Exploits0References1
nvd
nvd
added 2024/07/18 12:15 p.m.26 views

CVE-2024-29178

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

8.8CVSS0.01239EPSS
Exploits0References2
cvelist
cvelist
added 2024/07/18 11:15 a.m.30 views

CVE-2024-29178 Apache StreamPark: FreeMarker SSTI RCE Vulnerability

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

0.01239EPSS
Exploits0References2
cve
cve
added 2024/07/18 11:15 a.m.48 views

CVE-2024-29178

Apache StreamPark before version 2.1.4 is affected by a FreeMarker SSTI vulnerability that an authenticated user can exploit to achieve Remote Code Execution on the server. Root cause: template injection via FreeMarker in the application, with high impact (CVE-2024-29178). Remediation: upgrade to...

8.8CVSS9AI score0.01239EPSS
Exploits0References2Affected Software1
osv
osv
added 2024/07/18 11:15 a.m.12 views

CVE-2024-29178 Apache StreamPark: FreeMarker SSTI RCE Vulnerability

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4...

8.8CVSS6.1AI score0.01239EPSS
Exploits0References4
Rows per page
Query Builder