7 matches found
EUVD-2018-0648
Malware in sbrugna...
CVE-2025-5198 Stackrox: xss in stackrox
A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting XSS if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object that is applied to a secured cluster. This obje...
GHSA-P8JX-X2VW-WM33 Code execution in org.apache.storm:storm-core
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user...
Code execution in org.apache.storm:storm-core
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user...
Remote Code Execution (RCE)
Apache Storm is vulnerable to remote code execution. The vulnerability is possible when an attacker can get access to secure storm cluster, leading to arbitrary code execution as another user...
Code injection
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user...
CVE-2018-1331
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user...