When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The vulnerability in question is an improper access control flaw first found in Apache Flink back in January 2021.
Apache Flink is an open source stream-processing framework developed and maintained by the Apache Software Foundation.
It is designed to process large volumes of data in real time with low latency and high throughput.
A deadline for patching
The flaw is tracked as CVE-2020-17519.
It was discovered in early January 2021, and was never given a specific severity score.
Still, the Apache Software Foundation fixed it in a timely manner, by applying a fix.
Vulnerable versions include Flink 1.11.0, 1.11.1, and 1.11.2.
Fixed versions are 1.11.3, and 1.12.0.
Access is restricted to files accessible by the JobManager process.
ViaThe Register
