漏洞描述
【漏洞对象】Apache Flink 【涉及版本】Flink部分版本(1.11.0, 1.11.1, 1.11.2) \【漏洞描述】ApacheFlink是一个开源的流处理框架,具有强大的流处理和批处理功能。Apache Flink1.11.0(以及1.11.1和1.11.2中发布的)中引入的更改允许攻击者通过JobManager进程的REST接口读取JobManager本地文件系统中的任何文件。
Apache Flink 文件读取(CVE-2020-17519)
PoC代码
暂无相关漏洞推荐
-
CVE-2020-17518: Apache Flink 1.5.1 - Local File Inclusion POC
2025-09-01 | Apache FlinkApache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file ... -
CVE-2020-17518: Apache Flink 1.5.1 - Local File Inclusion POC
2025-08-01 | Apache FlinkApache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file ... -
CVE-2020-17519: Apache Flink - Local File Inclusion POC
2025-08-01 | Apache FlinkApache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on... -
CVE-2020-10199: Nexus Repository before 3.21.2 allows JavaEL Injection POC
2025-09-01 | Nexus Repository漏洞触发需要任意账户权限 body="Nexus Repository Manager" app="Nexus-Repository-Manager" -
CVE-2020-11455: LimeSurvey 4.1.11 - Path Traversal POC
2025-09-01 | LimeSurveyLimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/a...