CVE-2024-31411
CVSS V2 None
CVSS V3 None
Description
Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes.
Such a dangerous type might be an executable file that may lead to a remote code execution (RCE).
The unrestricted upload is only possible for authenticated and authorized users.
This issue affects Apache StreamPipes: through 0.93.0.
Users are recommended to upgrade to version 0.95.0, which fixes the issue.
Overview
- CVE ID
- CVE-2024-31411
- Assigner
- apache
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-17T09:22:08.507Z
- Last Modified Date
- 2024-07-17T18:43:54.091Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://lists.apache.org/thread/b0657okbwzg5xxs11hphvc9qrd9s70mt | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-31411 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31411 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-18 13:02:57 | Added to TrackCVE |