Ce mail provient de l'extérieur, restons vigilants

5=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN551
_____________________________________________________________________

DATE                : 27/05/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Apache Flink Kubernetes Operator
                              versions prior to 1.15.0.

=====================================================================
https://lists.apache.org/thread/b25vp0x1qqvl6309l0hwm1lk6cymj5v8
_____________________________________________________________________

CVE-2026-40564: Apache Flink Kubernetes Operator: Server-Side Request
Forgery and local file access in Kubernetes Operator

Severity: moderate 

Affected versions:

- Apache Flink Kubernetes Operator 1.3.0 before 1.15.0

Description:

Files or Directories Accessible to External Parties, Server-Side
Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes
Operator.

The FlinkSessionJob jarURI is currently not validated so that it
points to user-owned files or addresses.  This lets a user with
CR create permissions read files from the operator pod's filesystem
and pull content from any backing store reachable through Flink's
pluggable filesystem layer and access them through the submitted
Flink job. Furthermore for fetching from http/https addresses
there is currently no allowlist on the URI scheme, no host check,
no IP-range restriction, and no protection against pointing the
URI at internal or link-local addresses.This issue affects
Apache Flink Kubernetes Operator: from 1.3.0 before 1.15.0.

Users are recommended to upgrade to version 1.15.0, which
fixes the issue.

Credit:

Andrea Cosentino (finder)
Andrea Cosentino (remediation developer)

References:

https://flink.apache.org/
https://www.cve.org/CVERecord?id=CVE-2026-40564


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================