Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-fccg-7w3p-w66f
  • Maven/nu.validator:validator
  • npm/vnu-jar
 Nu Html Checker (vnu) contains a Server-Side Request Forgery (SSRF) vulnerability 19 hours ago
  • No fix available
  • Severity - 5.5 (Medium)
GHSA-hrvf-g648-rf3m
  • Maven/net.sourceforge.plantuml:plantuml
 PlantUML is vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams yesterday
  • Fix available
  • Severity - 2.0 (Low)
GHSA-v897-pv23-r8cw
  • Maven/org.keycloak:keycloak-quarkus-server
 Keycloak has an improper input validation vulnerability yesterday
  • No fix available
  • Severity - 3.7 (Low)
GHSA-4jrw-64vr-7g8m
  • Maven/org.apache.camel:camel-neo4j
 Apache Camel camel-neo4j component is vulnerable to cypher injection 2 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-gxp5-mv27-vjcj
  • Maven/net.gleske:jervis
 Jervis's AES CBC Mode is Without Authentication 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-5pq9-5mpr-jj85
  • Maven/net.gleske:jervis
 Jervis Has a JWT Algorithm Confusion Vulnerability 3 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-c9q6-g3hr-8gww
  • Maven/net.gleske:jervis
 Jervis Has Weak Random for Timing Attack Mitigation 3 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-36h5-vrq6-pp34
  • Maven/net.gleske:jervis
 Jervis's Salt for PBKDF2 derived from password 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-67rj-pjg6-pq59
  • Maven/net.gleske:jervis
 Jervis Has a SHA-256 Hex String Padding Bug 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-crxp-chh4-9ghp
  • Maven/net.gleske:jervis
 Jervis has Deterministic AES IV Derivation from Passphrase 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-mqw7-c5gg-xq97
  • Maven/net.gleske:jervis
 Jervis Has a RSA PKCS#1 Padding Vulnerability 3 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-qcfc-hmrc-59x7
  • Maven/com.opensymphony:xwork
  • Maven/org.apache.struts.xwork:xwork-core
  • Maven/org.apache.struts:struts2-core
 Apache Struts 2 is Missing XML Validation 5 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-2g22-wg49-fgv5
  • Maven/org.xwiki.contrib:macro-fullcalendar-pom
 XWiki Full Calendar Macro vulnerable to SQL injection through Calendar.JSONService 09 Jan
  • Fix available
  • Severity - 10.0 (Critical)
GHSA-637h-ch24-xp9m
  • Maven/org.xwiki.contrib:macro-fullcalendar-pom
 XWiki Full Calendar Macro vulnerable to data leak through Calendar.JSONService 09 Jan
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-gv94-wp4h-vv8p
  • Maven/org.keycloak:keycloak-parent
 Keycloak has Incorrect Behavior Order: Authorization Before Parsing and Canonicalization 08 Jan
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-fcqj-76g3-q7qm
  • Maven/ome:pom-bio-formats
 Bio-Formats has an XML External Entity (XXE) vulnerability 07 Jan
  • No fix available
  • Severity - 4.6 (Medium)
Load more...