pkg:Maven/org.apache.streampark:streampark

All known vulnerabilities

• CRITICAL9.1CVE-2022-46365Apache StreamPark Improper Input Validation vulnerability
  >= 1.0.0, < 2.0.0
• HIGH8.8CVE-2024-29178Apache StreamPark: FreeMarker SSTI RCE Vulnerability
  from 0, < 2.1.4
• HIGH7.3CVE-2025-30001Apache StreamPark contains an Incorrect Execution-Assigned Permissions vulnerability
  from 0, <= 2.1.5
• MEDIUM5.9Apache StreamPark: Use the user’s password as the secret key Vulnerability
  >= 2.0.0, < 2.1.7
• MEDIUM5.9Apache StreamPark: Information leakage vulnerability
  >= 2.0.0, < 2.1.4
• MEDIUM5.4Apache StreamPark LDAP Injection vulnerability
  >= 1.0.0, < 2.0.0
• MEDIUM4.9Apache StreamPark: Authenticated system users could trigger SQL injection vulnerability
  >= 2.0.0, < 2.1.2
• MEDIUM4.7Apache StreamPark: maven build params could trigger remote command execution
  from 0, < 2.1.4
• MEDIUM4.7Apache StreamPark: Unchecked maven build params could trigger remote command execution
  from 0, < 2.1.4
• —Apache StreamPark uses a Weak Encryption Algorithm
  >= 2.0.0, < 2.1.7
• —Apache StreamPark has a hard-coded encryption key
  >= 2.0.0, < 2.1.7
• —Apache StreamPark: Authenticated system users could trigger remote command execution
  >= 2.0.0, < 2.1.2