Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Seatunnel Security Vulnerabilities

cve
cve

CVE-2023-48396

Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forgeany token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/application.yml and then create a token.This issue affects Ap...

9.1CVSS

6.6AI Score

0.0004EPSS

2024-07-30 09:15 AM
33
cve
cve

CVE-2023-49198

Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL URL allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360This issue affects Apache SeaTunnel: 1.0.0. Users are...

7.5CVSS

6.2AI Score

0.001EPSS

2024-08-21 10:15 AM
30