Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:37703
HistoryOct 27, 2022 - 6:36 a.m.

Remote Code Execution (RCE)

2022-10-2706:36:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
apache flume
rce
remote code execution
vulnerability
improper validations
jms source
provider url
arbitrary code executions

0.006 Low

EPSS

Percentile

78.7%

JSON

Apache Flume is vulnerable to remote code execution. The vulnerability exists due to improper validations of jms source and provider url where the attacker can use the jms source with an unsafe provider url causing arbitrary code executions.

Related

cve 1
cvelist 1
prion 1
osv 1
nvd 1
github 1
cve
cve
CVE-2022-42468
2022-10-26 16:15:11
cvelist
cvelist
CVE-2022-42468 Apache Flume prior to 1.11.0 has an Improper Input Validation (JNDI Injection) in JMSSource
2022-10-26 00:00:00
prion
prion
Remote code execution
2022-10-26 16:15:00
osv
osv
Apache Flume vulnerable to remote code execution via deserialization of unsafe providerURL
2022-10-26 19:00:38
nvd
nvd
CVE-2022-42468
2022-10-26 16:15:11
github
github
Apache Flume vulnerable to remote code execution via deserialization of unsafe providerURL
2022-10-26 19:00:38

0.006 Low

EPSS

Percentile

78.7%

JSON
Related for VERACODE:37703
cve1cvelist1prion1osv1nvd1github1