CVE-2025-30001 | THREATINT

Description

Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue.

PUBLISHED Reserved 2025-03-13 | Published 2025-10-10 | Updated 2025-10-10 | Assigner apache

Problem types

CWE-279 Incorrect Execution-Assigned Permissions

Product status

Default status

unaffected

2.1.4 before 2.1.6

affected

Credits

Liufeng Yi (ylf@yiliufeng.net) reporter

References

lists.apache.org/thread/xfmsvhkcnr1831n0w5ovy3p44lsmfb7m vendor-advisory

cve.org (CVE-2025-30001)

nvd.nist.gov (CVE-2025-30001)

Download JSON