Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
4Blast Radius
ecosystem impact- 27 maven packages depend on org.apache.flink:flink-table-api-java (8 direct, 19 indirect)
- 6 maven packages depend on org.apache.flink:flink-table-planner_2.12 (6 direct, 0 indirect)
- 23 maven packages depend on org.apache.flink:flink-table-runtime (19 direct, 4 indirect)
Ecosystem-wide dependent count for version 1.15.0 and other introduced versions.
DescriptionCVE.org
Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions (1.15.0+) and LIKE expressions with ESCAPE clauses (1.17.0+). User-controlled strings are interpolated into generated Java code without proper escaping, allowing attackers to break out of string literals and inject arbitrary expressions.
Users are recommended to upgrade to either version 1.20.4, 2.0.2, 2.1.2 or 2.2.1, which fixes this issue.
AnalysisAI
Code injection in Apache Flink's SQL engine allows authenticated users to execute arbitrary code on TaskManagers through malicious SQL queries. The vulnerability affects JSON functions in versions 1.15.0+ and LIKE expressions with ESCAPE clauses in versions 1.17.0+, where user-controlled strings are interpolated into generated Java code without proper escaping. Apache has released patches in versions 1.20.4, 2.0.2, 2.1.2 and 2.2.1.
Technical ContextAI
Apache Flink is a distributed stream processing framework that includes a SQL engine which generates Java code dynamically from SQL queries. The vulnerability (CWE-94: Code Injection) occurs when processing SQL queries containing JSON functions or LIKE expressions with ESCAPE clauses. The SQL-to-Java code generation process fails to properly escape user-controlled strings when embedding them into generated Java source code, allowing attackers to break out of string literals and inject arbitrary Java expressions that execute within the TaskManager JVM.
RemediationAI
Vendor-released patches are available in Apache Flink versions 1.20.4, 2.0.2, 2.1.2 and 2.2.1. Organizations should upgrade to the appropriate patched version based on their current deployment. As an immediate mitigation, restrict SQL query submission privileges to trusted users only and audit existing SQL queries for potentially malicious patterns in JSON functions and LIKE expressions with ESCAPE clauses. Consider implementing input validation for any externally-sourced data incorporated into SQL queries. Review the Apache security advisory at https://lists.apache.org/thread/qh52bw4hhvy7n2owd8b3bt51mz0lvj9x for complete remediation details.
Oracle Java SE 7 Update 6 and earlier contains multiple sandbox bypass vulnerabilities via the ClassFinder and forName m
Remote code execution in IBM Sterling B2B Integrator, Sterling Integrator, and Tivoli Common Reporting allows unauthenti
Java Runtime Environment sandbox bypass via incorrect image channel verification in 2D component allows remote unauthent
Oracle Java SE JDK/JRE 7 and 6 Update 27 and earlier allows remote code execution with complete system compromise throug
JBoss Seam 2 in Red Hat JBoss EAP 4.3.0 fails to sanitize JBoss Expression Language inputs, allowing remote attackers to
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 up
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Up
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allow
Remote unauthenticated attackers can execute arbitrary code on Adobe ColdFusion servers through Java deserialization fla
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30550
GHSA-2f54-v4hm-fx73