Vulnerability CVE-2024-37084
Published: 2024-07-25

Description:
In Spring Cloud Data Flow versions prior to 2.11.4,  a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server

 References:
https://spring.io/security/cve-2024-37084
Copyright 2026, cxsecurity.com

 

Back to Top