Vulnerabilities > Apache > Flink Stateful Functions > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-19 CVE-2023-41834 Injection vulnerability in Apache Flink Stateful Functions 3.1.0/3.1.1/3.2.0
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests. Attackers could potentially inject malicious content into the HTTP response that is sent to the user's browser.
network
low complexity
apache CWE-74
6.1