Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-v75g-77vf-6jjq
  • Maven/com.erudika:para-server
Para Server Logs Sensitive Information
Published: yesterday
  • Fix available
  • Severity - 6.2 (Medium)
GHSA-6j2q-c73v-97c5
  • Maven/org.springframework.cloud:spring-cloud-gateway-server
Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies
Published: 2 days ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-h2fw-rfh5-95r3
  • Maven/org.apache.tomcat:tomcat-catalina
  • Maven/org.apache.tomcat.embed:tomcat-embed-core
Apache Tomcat - CGI security constraint bypass
Published: 2 days ago
  • Fix available
  • Severity - 1.7 (Low)
GHSA-wxr5-93ph-8wr9
  • Maven/commons-beanutils:commons-beanutils
  • Maven/org.apache.commons:commons-beanutils2
Apache Commons Improper Access Control vulnerability
Published: 3 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-965r-9cg9-g42p
  • Maven/com.ritense.valtimo:objecten-api
  • Maven/com.ritense.valtimo:object-management
Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users
Published: 4 days ago
  • No fix available
  • Severity - 8.3 (High)
GHSA-532x-j9r7-8f73
  • Maven/org.apache.inlong:manager-pojo
Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass
Published: 4 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-98v7-xxxv-hcrh
  • Maven/org.apache.inlong:manager-pojo
Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read
Published: 4 days ago
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-r324-vgr5-73c9
  • Maven/org.apache.inlong:manager-pojo
Apache InLong: JDBC Vulnerability during verification processing
Published: 4 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-g88v-2j67-9rmx
  • Maven/org.codelibs.fess:fess
Fess has Insecure Temporary File Permissions
Published: 4 days ago
  • Fix available
  • Severity - 1.2 (Low)
GHSA-vrpq-qp53-qv56
  • Maven/org.eclipse.jgit:org.eclipse.jgit
Eclipse JGit XML External Entity (XXE) Vulnerability
Published: 21 May
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-rhfv-688c-p6hp
  • Maven/org.xwiki.platform:xwiki-platform-security-authorization-bridge
XWiki Platform Security Authorization Bridge allows users with just edit right can enforce required rights with programming right
Published: 21 May
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-9pp5-9c7g-4r83
  • Maven/org.springframework.security:spring-security-aspects
Spring Security authorization bypass for method security annotations on private methods
Published: 21 May
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-5w52-96jj-fv59
  • Maven/org.jenkins-ci.plugins:vmanager-plugin
Jenkins Cadence vManager Plugin Vulnerable to Cross-Site Request Forgery
Published: 14 May
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-cp9r-g575-xc5f
  • Maven/io.jenkins.plugins:dingding-notifications
Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation
Published: 14 May
  • No fix available
  • Severity - 5.9 (Medium)
GHSA-p89h-p4ph-4vj6
  • Maven/org.jenkins-ci.plugins:wso2id-oauth
Jenkins WSO2 Oauth Plugin Fails to Properly Authenticate User Credentials
Published: 14 May
  • No fix available
  • Severity - 8.7 (High)
GHSA-q7c3-x7hm-qq72
  • Maven/io.jenkins.plugins:oidc-provider
Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens
Published: 14 May
  • Fix available
  • Severity - 9.1 (Critical)