Apache: >> Heron >> 0.19.0.15 Security Vulnerabilities
Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-10-24