Shulou(Shulou.com)05/31 Report--

Editor to share with you Apache Flink arbitrary Jar package upload led to remote code execution vulnerabilities example analysis, I believe that most people do not know much about it, so share this article for your reference, I hope you will learn a lot after reading this article, let's go to know it!

Vulnerability description

Apache Flink is an open source platform for distributed streams and batch data. The core of Flink is a streaming data streaming engine, which provides data distribution, communication and fault tolerance for distributed computing on data streams. Flink builds batches on top of the flow engine, covering local iteration support, managed memory, and program optimization. Recently, security researchers have found that apache flink allows arbitrary jar packages to be uploaded, resulting in remote code execution.

Vulnerability level

High risk

Scope of influence

Apache Flink

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.