CVE-2020-17518: Apache Flink directory traversal attack: remote file writing through the REST API
Vendor:
The Apache Software Foundation
Versions Affected:
1.5.1 to 1.11.2
Description:
Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1.
Mitigation:
All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed.
The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master.
Credits:
This issue was discovered by 0rich1 of Ant Security FG Lab