AI Score
Confidence
Low
EPSS
Percentile
39.9%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes.
Such a dangerous type might be an executable file that may lead to a remote code execution (RCE).
The unrestricted upload is only possible for authenticated and authorized users.
This issue affects Apache StreamPipes: through 0.93.0.
Users are recommended to upgrade to version 0.95.0, which fixes the issue.
[
{
"vendor": "Apache Software Foundation",
"product": "Apache StreamPipes",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "0.93.0"
}
],
"defaultStatus": "unaffected"
}
]
[
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_streampipes:*:*:*:*:*:*:*:*"
],
"vendor": "apache_software_foundation",
"product": "apache_streampipes",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "0.93.0"
}
],
"defaultStatus": "unknown"
}
]