Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-fccg-7w3p-w66f
  • Maven/nu.validator:validator
  • npm/vnu-jar
Nu Html Checker (vnu) contains a Server-Side Request Forgery (SSRF) vulnerability
  • Published 3 days ago
  • No fix available
  • Severity - 5.5 (Medium)
GHSA-hrvf-g648-rf3m
  • Maven/net.sourceforge.plantuml:plantuml
PlantUML is vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams
  • Published 3 days ago
  • Fix available
  • Severity - 2.0 (Low)
GHSA-cphf-4846-3xx9
  • Maven/io.vertx:vertx-core
Vert.x Web static handler component cache can be manipulated to deny the access to static files
  • Published 3 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-v897-pv23-r8cw
  • Maven/org.keycloak:keycloak-quarkus-server
Keycloak has an improper input validation vulnerability
  • Published 4 days ago
  • No fix available
  • Severity - 3.7 (Low)
GHSA-4jrw-64vr-7g8m
  • Maven/org.apache.camel:camel-neo4j
Apache Camel camel-neo4j component is vulnerable to cypher injection
  • Published 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-gxp5-mv27-vjcj
  • Maven/net.gleske:jervis
Jervis's AES CBC Mode is Without Authentication
  • Published 6 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-5pq9-5mpr-jj85
  • Maven/net.gleske:jervis
Jervis Has a JWT Algorithm Confusion Vulnerability
  • Published 6 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-c9q6-g3hr-8gww
  • Maven/net.gleske:jervis
Jervis Has Weak Random for Timing Attack Mitigation
  • Published 6 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-36h5-vrq6-pp34
  • Maven/net.gleske:jervis
Jervis's Salt for PBKDF2 derived from password
  • Published 6 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-67rj-pjg6-pq59
  • Maven/net.gleske:jervis
Jervis Has a SHA-256 Hex String Padding Bug
  • Published 6 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-crxp-chh4-9ghp
  • Maven/net.gleske:jervis
Jervis has Deterministic AES IV Derivation from Passphrase
  • Published 6 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-mqw7-c5gg-xq97
  • Maven/net.gleske:jervis
Jervis Has a RSA PKCS#1 Padding Vulnerability
  • Published 6 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-qcfc-hmrc-59x7
  • Maven/com.opensymphony:xwork
  • Maven/org.apache.struts.xwork:xwork-core
  • Maven/org.apache.struts:struts2-core
Apache Struts 2 is Missing XML Validation
  • Published 11 Jan
  • Fix available
  • Severity - 8.1 (High)
GHSA-2g22-wg49-fgv5
  • Maven/org.xwiki.contrib:macro-fullcalendar-pom
XWiki Full Calendar Macro vulnerable to SQL injection through Calendar.JSONService
  • Published 09 Jan
  • Fix available
  • Severity - 10.0 (Critical)
GHSA-637h-ch24-xp9m
  • Maven/org.xwiki.contrib:macro-fullcalendar-pom
XWiki Full Calendar Macro vulnerable to data leak through Calendar.JSONService
  • Published 09 Jan
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-jm7w-5684-pvh8
  • Maven/com.alibaba:fastjson
FASTJSON Includes Functionality from Untrusted Control Sphere
  • Published 09 Jan
  • Fix available
  • Severity - 10.0 (Critical)