oss-sec mailing list archives

CVE-2024-24778: Apache StreamPipes: Resources Permission Escalation


From: Philipp Zehnder <zehnder () apache org>
Date: Mon, 03 Mar 2025 10:34:02 +0000

Severity: important

Affected versions:

- Apache StreamPipes through 0.95.1

Description:

Improper privilege management in a REST interface allowed registered users to access unauthorized resources if the resource ID was known.

This issue affects Apache StreamPipes: through 0.95.1.

Users are recommended to upgrade to version 0.97.0 which fixes the issue.

References:

https://streampipes.apache.org
https://www.cve.org/CVERecord?id=CVE-2024-24778

