Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-49v8-p6mm-3pfj
  • Maven/com.vip.saturn:saturn-console
 Vipshop Saturn Console Vulnerable to SQL Injection via ClusterKey Component yesterday
  • No fix available
  • Severity - 6.9 (Medium)
GHSA-2wxq-944j-5g2v
  • Maven/org.jenkins-ci.plugins:stackhammer
 Jenkins Stack Hammer Plugin Stores API Keys Unencrypted in Job `config.xml` Files yesterday
  • No fix available
  • Severity - 4.3 (Medium)
GHSA-4vjp-327p-w4qv
  • Maven/org.jenkins-ci.plugins:templating-engine
 Jenkins Templating Engine Plugin Vulnerable to Arbitrary Code Execution yesterday
  • Fix available
  • Severity - 8.8 (High)
GHSA-565r-pf5q-45v6
  • Maven/org.jenkins-ci.main:jenkins-core
 Jenkins Missing Permission Check yesterday
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-fv9q-fq62-c6qg
  • Maven/org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin
 Jenkins AsakusaSatellite Plugin Stores API Keys Unencrypted in Job `config.xml` Files yesterday
  • No fix available
  • Severity - 4.3 (Medium)
GHSA-g65g-fmcp-4w68
  • Maven/org.ukiuni.monitor-remote-job-plugin:monitor-remote-job
 Jenkins monitor-remote-job Plugin Stores Passwords Unencrypted yesterday
  • No fix available
  • Severity - 4.3 (Medium)
GHSA-hcfh-qjcp-34q9
  • Maven/io.jenkins.plugins:simple-queue
 Jenkins Simple Queue Plugin Cross-Site Request Forgery (CSRF) yesterday
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-m254-f6h4-p93g
  • Maven/org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin
 Jenkins AsakusaSatellite Plugin Does not Mask API Keys via Job Configuration Form yesterday
  • No fix available
  • Severity - 4.3 (Medium)
GHSA-wr6w-jxg7-qpfh
  • Maven/org.jenkins-ci.main:jenkins-core
 Jenkins Missing Permission Check yesterday
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-x9hj-q7xv-fv4v
  • Maven/org.jenkins-ci.plugins:vmanager-plugin
 Jenkins Cadence vManager Plugin Stores Verisium Manager vAPI keys Unencrypted yesterday
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-7c5v-895v-w4q5
  • Maven/io.jooby:jooby-pac4j
 jooby-pac4j: deserialization of untrusted data 2 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-vq4p-pchp-6g6v
  • Maven/org.apache.camel:camel-undertow
 Apache Camel Missing Header Out Filter Leads to Potential Bypass/Injection Vulnerability 2 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-2c59-37c4-qrx5
  • Maven/org.apache.parquet:parquet-avro
 Apache Parquet Avro Module Vulnerable to Arbitrary Code Execution 2 days ago
  • Fix available
  • Severity - 10.0 (Critical)
GHSA-6jwp-4wvj-6597
  • Maven/org.apache.pinot:pinot
 Apache Pinot Vulnerable to Authentication Bypass 2 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-3w85-5p9g-h334
  • Maven/org.apache.activemq:artemis-server
 Apache ActiveMQ Artemis User Without Create Address Permissions can Modify Address Routing-Type 2 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-hqqc-jr88-p6x2
  • Maven/io.netty.incubator:netty-incubator-codec-quic
 Netty QUIC hash collision DoS attack 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
Load more...