flysystem is vulnerable to remote code execution. Lack of proper parameter validation in JMSMessageConsumer
allows an attacker to upload and execute malicious code on the system under attack, when a configuration uses a JMS
Source with a JNDI LDAP
data source URI.