All 7 CVE vulnerabilities found in Apache StreamPipes, with AI-generated Chinese analysis, references, and POCs.
Vendor: Apache Software Foundation
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-47411 | Apache StreamPipes: Leverage of User ID for Privilege Escalation CWE-269 | 8.8 | - | 2026-01-01 |
| CVE-2024-24778 | Apache StreamPipes: Resources Permission Escalation CWE-269 | 6.5 | - | 2025-03-03 |
| CVE-2024-31411 | Apache StreamPipes: Potential remote code execution (RCE) via file upload CWE-434 | 8.8AI | HighAI | 2024-07-17 |
| CVE-2024-31979 | Apache StreamPipes: Possibility of SSRF in pipeline element installation process CWE-918 | 8.1AI | HighAI | 2024-07-17 |
| CVE-2024-30471 | Apache StreamPipes: Potential creation of multiple identical accounts CWE-367 | 7.4AI | HighAI | 2024-07-17 |
| CVE-2024-29868 | Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation CWE-338 | 8.1AI | HighAI | 2024-06-24 |
| CVE-2023-31469 | Apache StreamPipes: Privilege escalation through non-admin user CWE-269 | 8.8 | - | 2023-06-23 |
All 7 known CVE vulnerabilities affecting Apache StreamPipes with full Chinese analysis, references, and POCs where available.