PT-2022-26450 · Apache · Apache Flume
Name of the Vulnerable Software and Affected Versions: Apache Flume versions 1.4.0 through 1.10.1 Description: The issue allows for a remote code execution RCE attack when a configuration uses a JMS Source with an unsafe providerURL. This is due to the JMSSource class being configured with a...