Vmware Spring Cloud Data Flow — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Spring Cloud Data Flow, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-37084 — CVSS 9.8 (critical): In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload…
CVE-2020-5427 — CVSS 7.2 (high): In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when…