CVE-2024-37084 CVE-2024-37084: Remote code execution in Spring Cloud Data Flow
Discription
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the…Read More
References
Back to Main