Spring · Spring Cloud Data Flow · CVE-2020-5427
**Name of the Vulnerable Software and Affected Versions**
Spring Cloud Data Flow versions 2.5.x prior to 2.5.4
Spring Cloud Data Flow versions 2.6.x prior to 2.6.5
**Description**
The application is vulnerable to SQL injection when requesting task execution.
**Recommendations**
For versions 2.5.x prior to 2.5.4, update to version 2.5.4 or later.
For versions 2.6.x prior to 2.6.5, update to version 2.6.5 or later.