Security Advisory

CVE-2024-37084

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-25 09:17:50

Last updated 2024-08-02 03:43:50

Assigner vmware

State PUBLISHED

Description

In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server

← Browse all CVEs View on cve.org ↗