📦 StreamPark
by Apache
🛡️ Security Overview
⚠️ Known Vulnerabilities
Apache StreamPark versions 2.0.0 through 2.1.6 use a hard-coded encryption key, allowing attackers to decrypt sensitive data or forge encrypted information through reverse engineering. This affects al...
This vulnerability allows session tokens to remain valid after logout, enabling attackers to reuse stolen or previously obtained 'Authorization' tokens to access user data and perform unauthorized act...
This vulnerability in Apache StreamPark allows any user to upload arbitrary JAR files without proper file type validation, potentially enabling remote code execution. Attackers could upload malicious ...
This vulnerability in Apache StreamPark uses weak encryption (AES-ECB mode) and a weak random number generator for encrypting sensitive data like JWT tokens. Attackers could potentially decrypt authen...
This CVE describes an SQL injection vulnerability in Apache StreamPark's SpringBoot distribution package that allows authenticated attackers to execute arbitrary SQL commands. It affects Apache Stream...
This CVE describes a template injection vulnerability in Apache software versions before 2.1.4 that allows authenticated users to execute arbitrary code on the server. Attackers must first obtain vali...
This SQL injection vulnerability in Apache StreamPark allows authenticated attackers to manipulate database queries through unvalidated sort parameters. It affects users of StreamPark console who can ...
This vulnerability in Apache StreamPark allows authenticated users with system-level permissions to execute arbitrary commands through Maven compilation parameters. Attackers could achieve remote code...
Apache StreamPark versions 2.0.0 through 2.1.6 use user passwords as JWT signing keys, allowing attackers who capture tokens to brute-force passwords offline or forge tokens if passwords are known. Th...
This vulnerability in Apache Flink allows authenticated regular users to bypass authorization controls and access sensitive user information they shouldn't have permission to view. After successful lo...
This vulnerability in StreamPark versions before 2.1.4 allows authenticated users to access other users' sensitive information, including administrator credentials, by reusing the authentication token...
This vulnerability in Apache StreamPark allows authenticated users with system-level permissions to execute arbitrary commands through improper input validation in the project module's build arguments...