CVE-2024-37084
- Reference to the description:
- Description:
- In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
- Last updated date:
- 08/26/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/15/2024
- Reference url to background