Apache Flink 1.5.1 - Local File Inclusion

Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uploads to an arbitrary location on the local file system through a maliciously modified HTTP HEADER. id: CVE-2020-17518 info: name: Apache Flink 1.5.1 - Local File Inclusion author: pdteam severit...