Description
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
Remediation
References
https://tanzu.vmware.com/security/cve-2020-5427
Related Vulnerabilities
CVE-2022-46769 Vulnerability in maven package org.apache.sling:org.apache.sling.cms.ui
CVE-2014-2858 Vulnerability in maven package org.grails:grails-core
CVE-2022-23618 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2023-24458 Vulnerability in maven package org.jenkins-ci.plugins:bearychat