OSV

GHSA-pjpj-f6r8-56rm

NuGet/Microsoft.ChakraCore

High severity vulnerability that affects Microsoft.ChakraCore

1.10.0
1.10.1
1.10.2
1.11.0
1.11.1
1.11.2
1.11.3
...

2022-08-15T09:15:32.225787Z

Fix available

GHSA-92v7-pq4h-58j5

RubyGems/facter
RubyGems/facter
RubyGems/hiera
RubyGems/puppet
RubyGems/puppet
RubyGems/mcollective-client

Moderate severity vulnerability that affects facter, hiera, mcollective-client, and puppet

1.0.1
1.1.1
1.3.3
1.3.7
1.3.8
1.5
1.5.2
...

2022-08-15T09:12:56.928810Z

Fix available

GHSA-5h9j-q6j2-253f

Maven/org.eclipse.jetty:jetty-server
Maven/org.eclipse.jetty:jetty-server
Maven/org.eclipse.jetty:jetty-server

Unescaped exception messages in error responses in Jetty

9.4.21.v20190926
9.4.22.v20191022
9.4.23.v20191118
9.4.22.v20191022
9.4.23.v20191118
9.4.23.v20191118

2022-08-15T09:12:52.664188Z

Fix available

GHSA-wcp5-m52f-mhh5

Maven/net.sf.mpxj:mpxj

Improper Restriction of XML External Entity Reference in MPXJ

4.7.1
4.7.2
4.7.3
4.7.4
4.7.5
4.7.6
5.0.0
...

2022-08-15T09:12:51.731638Z

Fix available

GHSA-wp2f-hrg2-3r5m

Maven/org.apache.uima:uimafit-core
Maven/org.apache.uima:uimaj-core
Maven/org.apache.uima:uimaj-core
Maven/org.apache.uima:uimaj-as-core

Improper Restriction of XML External Entity Reference in Apache uimaj

2.0.0
2.1.0
2.2.0
2.3.0
2.10.0
2.10.1
2.3.1
...

2022-08-15T09:12:51.611460Z

Fix available

GHSA-h4x4-5qp2-wp46

Maven/com.fasterxml.jackson.datatype:jackson-datatype-jsr310

Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353

2.2.0-beta1
2.2.1-beta2
2.2.2-beta3
2.2.2-beta4
2.2.3-beta5
2.3.0-beta6
2.3.0-beta7
...

2022-08-15T09:12:51.452737Z

Fix available

GHSA-87cj-px37-rc3x

PyPI/bikeshed

OS Command Injection in bikeshed

1.0.0
1.0.1
1.0.10
1.0.2
1.0.3
1.0.4
1.0.5
...

2022-08-15T09:12:51.126971Z

Fix available

GHSA-54fx-gm74-q676

Maven/io.smallrye.config:smallrye-config

Permissions bypass in SmallRye

1.5.0
1.5.1
1.6.0
1.6.1

2022-08-15T09:12:50.490946Z

Fix available

GHSA-6g3c-2mh5-7q6x

Maven/com.manydesigns:portofino

Missing validation of JWT signature in `ManyDesigns/Portofino`

5.0.0
5.0.1
5.0.2
5.0.3
5.1.0
5.1.1
5.1.2
...

2022-08-15T09:12:48.741134Z

Fix available

GHSA-7q25-qrjw-6fg2

PyPI/safety

Malicious package may avoid detection in python auditing

0.1.0
0.2.0
0.2.1
0.2.2
0.3.0
0.4.0
0.5.0
...

2022-08-15T09:12:46.850721Z

Fix available

GHSA-9q69-g5gc-9fgf

Maven/io.vertx:vertx-web
Maven/io.vertx:vertx-web
Maven/io.vertx:vertx-web
Maven/io.vertx:vertx-web

Cross-Site Request Forgery in Vert.x-Web framework

4.0.0-milestone1
4.0.0-milestone2
4.0.0-milestone3
4.0.0-milestone4
4.0.0-milestone2
4.0.0-milestone3
4.0.0-milestone4
...

2022-08-15T09:12:46.824799Z

Fix available

GHSA-rmrm-75hp-phr2

Maven/org.hibernate.validator:hibernate-validator
Maven/org.hibernate.validator:hibernate-validator

Improper Input Validation in Hibernate Validator

6.1.0.Final
6.1.1.Final
6.1.2.Final
6.1.3.Final
6.1.4.Final
6.0.0.Alpha1
6.0.0.Alpha2
...

2022-08-15T09:12:45.222496Z

Fix available

GHSA-hhm3-48h2-597v

PyPI/apache-superset

Insufficiently Protected Credentials in Apache Superset

0.34.0
0.34.1
0.35.1
0.35.2
0.36.0
0.37.0
0.37.1
...

2022-08-15T09:12:43.067818Z

Fix available

GHSA-4ph4-q9r5-6wm6

Maven/org.springframework.batch:spring-batch-core

Deserialization of Untrusted Data in Spring Batch

4.0.0.RELEASE
4.0.1.RELEASE
4.0.2.RELEASE
4.0.3.RELEASE
4.0.4.RELEASE
4.1.0.RELEASE
4.1.1.RELEASE
...

2022-08-15T09:12:41.389019Z

Fix available

GHSA-2p5p-m353-833w

RubyGems/administrate

Sort order SQL injection in Administrate

0.0.10
0.0.11
0.0.12
0.0.2
0.0.3
0.0.4
0.0.6
...

2022-08-15T09:12:39.381201Z

Fix available

GHSA-8h2j-cgx8-6xv7

PyPI/fastapi

Cross-Site Request Forgery (CSRF) in FastAPI

0.1.0
0.1.10
0.1.11
0.1.12
0.1.13
0.1.14
0.1.15
...

2022-08-15T09:12:39.345235Z

Fix available

Vulnerability Library