exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2020-17519

около 5 лет назад

A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.

CVSS3: 7.5

EPSS: Критический

CVE-2020-17519

около 5 лет назад

A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.

CVSS3: 7.5

EPSS: Критический

GHSA-395w-qhqr-9fr6

около 5 лет назад

Path Traversal in Apache Flink

CVSS3: 7.5

EPSS: Критический

BDU:2025-09901

около 5 лет назад

Уязвимость компонента REST Interface платформы для обработки потоковых и пакетных данных Apache Flink, позволяющая нарушителю читать произвольные файлы

CVSS3: 9.1

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-17519 A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.	CVSS3: 7.5	94% Критический	около 5 лет назад
CVE-2020-17519 A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master.	CVSS3: 7.5	94% Критический	около 5 лет назад
GHSA-395w-qhqr-9fr6 Path Traversal in Apache Flink	CVSS3: 7.5	94% Критический	около 5 лет назад
BDU:2025-09901 Уязвимость компонента REST Interface платформы для обработки потоковых и пакетных данных Apache Flink, позволяющая нарушителю читать произвольные файлы	CVSS3: 9.1	94% Критический	около 5 лет назад

Уязвимостей на страницу