Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of High-Severity Vulnerability in Apache Flink
Alerts

Active Exploitation of High-Severity Vulnerability in Apache Flink

28 May 2024

There have been reports of active exploitation of a high-severity vulnerability (CVE-2020-17519) affecting Apache Flink.

Successful exploitation of the vulnerability could allow an attacker to read any file accessible to the JobManager process in Flink. This includes sensitive or critical system files and may result in a security or confidentiality breach.

The vulnerability affects Apache Flink versions 1.11.0, 1.11.1, and 1.11.2.

Users and administrators of affected product versions are advised to update to the latest version immediately.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2020-17519

https://socradar.io/cve-2020-17519-in-apache-flink-enters-cisas-kev-catalog-gitlab-patches-xss-flaw-cve-2024-4835/

Back to top