Maven package
org.springframework.cloud/spring-cloud-skipper
pkg:maven/org.springframework.cloud/spring-cloud-skipper
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-37084 | — | < 2.11.4 | 2.11.4 | Jul 25, 2024 | In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server |
- CVE-2024-37084Jul 25, 2024affected < 2.11.4fixed 2.11.4
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server