Filtered by vendor Vmware
Subscriptions
Filtered by product Spring Cloud Data Flow
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5427 | 1 Vmware | 1 Spring Cloud Data Flow | 2024-09-16 | 7.2 High |
| In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution. | ||||
| CVE-2024-37084 | 1 Vmware | 1 Spring Cloud Data Flow | 2024-08-26 | 9.8 Critical |
| In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server | ||||
Page 1 of 1.