A vulnerability classified as very critical was found in VMware Spring Cloud Data Flow up to 2.11.3. This vulnerability affects unknown code of the component Skipper Server API. The manipulation leads to unrestricted upload.
This vulnerability was named CVE-2024-37084. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.