VYPR

Maven package

org.dromara.warm/warm-flow-plugin-modes-sb

pkg:maven/org.dromara.warm/warm-flow-plugin-modes-sb

Vulnerabilities (1)

  • CVE-2026-6125MedApr 12, 2026
    affected < 1.8.5fixed 1.8.5

    A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag resu