Kayiyan

1 exploit Active since Jul 2024
CVE-2024-37084 NOMISEC CRITICAL WORKING POC
Spring Cloud Data Flow < 2.11.4 - Authenticated Arbitrary File Write via Skipper Server API
In Spring Cloud Data Flow versions prior to 2.11.4,  a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
3 stars
CVSS 9.8