Apache Flink Product Security Update Advisory
Overview
An update has been released to address vulnerabilities in the Apache Flink product. Users of affected versions are advised to update to the latest version.
Affected Products
Apache Flink versions: 1.11.0 (inclusive) to 1.11.2 (inclusive)
Resolved Vulnerabilities
Improper access control vulnerability in the Apache Flink REST interface that allows attackers to read all files on the JobManager’s local file system (CVE-2020-17519)
Vulnerability Patches
Patches for this vulnerability are included in the versions listed below. Follow the instructions on the Referenced Sites to update to a patched version.
Apache Flink versions 1.11.3, 1.12.0
Referenced Sites
[1] CVE-2020-17519
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
[2] CVE-2020-17519 Detail
https://nvd.nist.gov/vuln/detail/CVE-2020-17519#range-12106517