What is CVE-2024-48988?

CVE-2024-48988 is a vulnerability in Apache Software Foundation Streampark, classified under CWE-564. Published 2025-08-22.

Is CVE-2024-48988 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Software Foundation Streampark

CVE-2024-48988

SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vulnerability is present only in the distri…

EPSS: 0.001 (22.4th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Streampark — versions 2.1.4

Weakness classification (CWE)

CWE-564

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

lists.apache.org/thread/26ng8388l93zwjrst560cbjz9x7wpq1s (vendor-advisory)

Frequently asked questions

What is CVE-2024-48988?: CVE-2024-48988 is a vulnerability in Apache Software Foundation Streampark, classified under CWE-564. Published 2025-08-22.
Is CVE-2024-48988 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.