org.apache.streampipes:streampipes-parent

Maven4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.apache.streampipes:streampipes-parentpage 1 of 1

CVE-2023-31469HIGHCVSS 8.8EG 8.8✓ Fixed in 0.92.0
2023-06-23
vulnerable: 0.69.0, 0.70.0, 0.90.0, 0.91.0
A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The…
CVE-2024-30471LOWCVSS 3.7EG 3.7✓ Fixed in 0.95.0
2024-07-17
vulnerable: 0.66.0 ... 0.93.0 (9 versions)
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache StreamPipes in user self-registration. This allows an attacker to potentially request the creation of multiple accounts with the same email address until the email a…
CVE-2024-31411HIGHCVSS 8.8EG 8.8✓ Fixed in 0.95.0
2024-07-17
vulnerable: 0.66.0 ... 0.93.0 (9 versions)
Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticat…
CVE-2024-31979MEDIUMCVSS 4.3EG 4.3✓ Fixed in 0.95.0
2024-07-17
vulnerable: 0.66.0 ... 0.93.0 (9 versions)
Server-Side Request Forgery (SSRF) vulnerability in Apache StreamPipes during installation process of pipeline elements. Previously, StreamPipes allowed users to configure custom endpoints from which to install additional pipeline elements…

Check whether org.apache.streampipes:streampipes-parent is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.streampipes:streampipes-parent CVEs against the assets you own.

Start Free Scan →