Description
Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator.

The FlinkSessionJob jarURI is not validated to ensure that it points only to user-owned files or addresses. This lets a user with CR create permissions read files from the operator pod's filesystem, pull content from any backing store reachable through Flink's pluggable filesystem layer, and access that content through the submitted Flink job. Furthermore, for fetches from http/https addresses there is no allowlist on the URI scheme, no host check, no IP-range restriction, and no protection against pointing the URI at internal or link-local addresses. This issue affects Apache Flink Kubernetes Operator from 1.3.0 before 1.15.0.

Users are recommended to upgrade to version 1.15.0, which fixes the issue.
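The checks the description says are missing (a scheme allowlist, a host allowlist, an IP-range restriction, and rejection of bare paths and file URIs) as an admission-style validator for the jarURI field. This is example code added for this page, not the operator's own fix; the allowlisted scheme and host, the `.jar` suffix rule and the injectable resolver are assumptions made for the example.

```python
# Added example (not the operator's code): validate a FlinkSessionJob jarURI
# before the operator fetches it. Allowlists below are constructed for the example.
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"https"}                    # constructed: no file://, no bare paths, no http
ALLOWED_HOSTS = {"artifacts.example.test"}     # constructed: the only trusted artifact host


def is_disallowed_ip(addr):
    """True for loopback, link-local, private, multicast, reserved or unspecified ranges."""
    return (addr.is_loopback or addr.is_link_local or addr.is_private
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def validate_jar_uri(uri, resolver=socket.gethostbyname):
    """Return (ok, reason). `resolver` is injectable so the check can run offline."""
    parsed = urlparse(uri)
    scheme = parsed.scheme.lower()
    if not scheme:
        return False, "bare path rejected: it would read the operator pod's filesystem"
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme '{scheme}' is not on the allowlist"
    host = parsed.hostname
    if not host:
        return False, "URI has no host"
    if parsed.username or parsed.password:
        return False, "credentials embedded in the URI are not allowed"
    try:
        ip = ipaddress.ip_address(host)        # literal IP: check its range before anything else
    except ValueError:
        ip = None
    if ip is not None and is_disallowed_ip(ip):
        return False, f"literal address {ip} is internal or non-routable"
    if host not in ALLOWED_HOSTS:
        return False, f"host '{host}' is not on the allowlist"
    if ip is None:
        try:
            ip = ipaddress.ip_address(resolver(host))
        except (OSError, ValueError) as exc:
            return False, f"cannot resolve '{host}': {exc}"
        # An allowlisted name may still point into the cluster; re-check at fetch time too,
        # since the DNS answer can change between validation and download.
        if is_disallowed_ip(ip):
            return False, f"'{host}' resolves to internal address {ip}"
    if not parsed.path.endswith(".jar"):
        return False, "path must reference a .jar artifact"
    return True, "ok"
```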
Published: 2026-05-26
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability stems from the FlinkSessionJob jarURI field being unvalidated, enabling a user with ClusterRole create permissions to read any file from the operator pod's local filesystem or request data from any address reachable through Flink's pluggable filesystem layer. This allows Server‑Side Request Forgery (CWE‑918) and local file disclosure (CWE‑552).

Affected Systems

Apache Flink Kubernetes Operator versions from 1.3.0 up to, but not including, 1.15.0 are affected. The operator is typically deployed within Kubernetes clusters by organizations using Flink for stream processing.

Risk and Exploitability

The risk is medium, as indicated by the CVSS score of 6.5, because the flaw permits remote users to access internal resources and secrets without needing external network connectivity. An attacker can craft a CustomResource with a malicious jarURI and use their create privileges to trigger the vulnerability. The EPSS score is < 1%, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attacker can submit a malicious CustomResource to the operator. The lack of input validation and allowlists suggests significant exploitability. The likely attack vector is a user with ClusterRole create permissions targeting the operator.

Generated by OpenCVE AI on June 1, 2026 at 15:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Apache Flink Kubernetes Operator to version 1.15.0 or later to eliminate the flaw.
  • Limit ClusterRole permissions so that only trusted users can create CustomResources that interact with the operator.
  • Implement network policies or firewall rules to block the operator pod from reaching internal or link‑local IP addresses and URLs that are not required for normal operation.

Generated by OpenCVE AI on June 1, 2026 at 15:52 UTC.

Advisories

No advisories yet.

History

Tue, 02 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Jun 2026 14:15:00 +0000

Type Values Removed Values Added
CPEs: cpe:2.3:a:apache:flink_kubernetes_operator:*:*:*:*:*:*:*:*
Metrics: cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Wed, 27 May 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared: Apache; Apache flink Kubernetes Operator
Vendors & Products: Apache; Apache flink Kubernetes Operator

Tue, 26 May 2026 17:30:00 +0000

Type Values Removed Values Added
References

Tue, 26 May 2026 15:45:00 +0000

Type Values Removed Values Added
Description: (identical to the Description section at the top of this page)
Title: Apache Flink Kubernetes Operator: Server-Side Request Forgery and local file access in Kubernetes Operator
Weaknesses: CWE-552; CWE-918
References

MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-06-02T14:12:08.938Z

Reserved: 2026-04-14T12:59:12.603Z

Link: CVE-2026-40564

Vulnrichment

Updated: 2026-05-26T16:18:03.659Z

NVD

Status : Modified

Published: 2026-05-26T16:16:24.590

Modified: 2026-06-02T16:16:38.893

Link: CVE-2026-40564

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T16:00:17Z

Weaknesses
  • CWE-552: Files or Directories Accessible to External Parties
  • CWE-918: Server-Side Request Forgery (SSRF)