CVE-2022-42468

Posted on by admin

CVE-2022-42468

Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol.

Source: CVE-2022-42468

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다