Lucene search
Veracode Vulnerability DatabaseVERACODE:36784HistoryAug 22, 2022 - 8:18 a.m.
Remote Code Execution
2022-08-2208:18:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
flysystem
remote code execution
parameter validation
jmsmessageconsumer
attacker
malicious code
jms source
jndi ldap
data source uri
0.003 Low
EPSS
Percentile
66.3%
flysystem is vulnerable to remote code execution. Lack of proper parameter validation in JMSMessageConsumer allows an attacker to upload and execute malicious code on the system under attack, when a configuration uses a JMS Source with a JNDI LDAP data source URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| flume jms source | le | 1.10.0 | |
| flume jms source | le | 1.10.0 |
Related
nvd
nvd
CVE-2022-34916
2022-08-21 09:15:33
prion
prion
Remote code execution
2022-08-21 09:15:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2022-34916
2022-09-13 11:14:05
osv
osv
Remote code execution in Apache Flume
2022-08-22 00:00:48
github
github
Remote code execution in Apache Flume
2022-08-22 00:00:48
cve
cve
CVE-2022-34916
2022-08-21 09:15:33
cnvd
cnvd
Apache Flume input validation error vulnerability
2022-08-24 00:00:00