flysystem is vulnerable to remote code execution. Lack of proper parameter validation in JMSMessageConsumer
allows an attacker to upload and execute malicious code on the system under attack, when a configuration uses a JMS
Source with a JNDI LDAP
data source URI.
CPE | Name | Operator | Version |
---|---|---|---|
flume jms source | le | 1.10.0 | |
flume jms source | le | 1.10.0 |