How severe is CVE-2024-48988?

CVE-2024-48988 has a CVSS v3 score of 7.6 (HIGH).

CVE-2024-48988

Name: streampark
Author: apache

7.6HIGH

SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vuln

Veröffentlicht: 8/22/2025Aktualisiert: 11/4/2025

Beschreibung

SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vulnerability is present only in the distribution package (SpringBoot platform) and does not involve Maven artifacts. It can only be exploited after a user has successfully logged into the platform (implying that the attacker would first need to compromise the login authentication). As a result, the associated risk is considered relatively low.

KI-AnalyseKI-gestützt

Betroffene Produkte

apachestreampark

Referenzen

https://lists.apache.org/thread/26ng8388l93zwjrst560cbjz9x7wpq1s
Mailing List
http://www.openwall.com/lists/oss-security/2025/08/22/1