Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37084 | 1 Vmware | 1 Spring Cloud Data Flow | 2024-08-26 | N/A | 8.8 HIGH |
| In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server | |||||
| CVE-2020-5427 | 1 Vmware | 1 Spring Cloud Data Flow | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution. | |||||