Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-23f4-hfmq-94mj
  • Maven/com.github.liuyueyi.media:batik-codec-fix
Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec 3 days ago
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-444m-px7r-qpvv
  • Maven/com.foxinmy:weixin4j-base
weixin4j has Improperly Controlled Sequential Memory Allocation 3 days ago
  • No fix available
  • Severity - 6.3 (Medium)
GHSA-8623-9fwr-4cxv
  • Maven/com.github.liuyueyi.media:batik-codec-fix
Quick-Media Batik Codec FIX package has Code Injection vulnerability 3 days ago
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-hcx3-3q5c-r5v6
  • Maven/com.github.briandilley.jsonrpc4j:jsonrpc4j
jsonrpc4j has Infinite Loop in RPC Stream Writer 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-rqfh-9r24-8c9r
  • Maven/org.assertj:assertj-core
AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion 4 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-63v5-26vq-m4vm
  • Maven/org.keycloak:keycloak-services
Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods 4 days ago
  • No fix available
  • Severity - 3.1 (Low)
GHSA-frpp-8pwq-hjrx
  • Maven/org.hibernate.reactive:hibernate-reactive-core
Hibernate Reactive Vulnerable to DoS via Connection Pool Exhaustion 4 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-77p9-w6pj-rmvg
  • Maven/org.apache.continuum:continuum
Apache Continuum vulnerable to Command Injection through Installations REST API 4 days ago
  • No fix available
  • Severity - 9.9 (Critical)
GHSA-jmw5-58c7-587h
  • Maven/org.apache.karaf.decanter.collector:org.apache.karaf.decanter.collector.log.socket
Apache Karaf Decanter has Deserialization of Untrusted Data in its Log Socket Collector 4 days ago
  • Fix available
  • Severity - 3.7 (Low)
GHSA-92cc-952p-v8rh
  • Maven/org.apache.hadoop:hadoop-hdfs-native-client
Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability 4 days ago
  • Fix available
  • Severity - 7.3 (High)
GHSA-wvqx-m5px-6cmp
  • Maven/org.xwiki.platform:xwiki-platform-web-templates
XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages 23 Jan
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-qqpg-mvqg-649v
  • Maven/ch.qos.logback:logback-core
Logback allows an attacker to instantiate classes already present on the class path 22 Jan
  • Fix available
  • Severity - 1.8 (Low)
GHSA-594w-2fwp-jwrc
  • Maven/org.keycloak:keycloak-services
Keycloak Admin REST API exposes backend schema and rules 21 Jan
  • No fix available
  • Severity - 2.7 (Low)
GHSA-qr3p-2xj2-q7hq
  • Maven/org.apache.solr:solr-core
Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin 21 Jan
  • Fix available
  • Severity - 8.2 (High)
GHSA-vc2w-4v3p-2mqw
  • Maven/org.apache.solr:solr-core
Apache Solr: Insufficient file-access checking in standalone core-creation requests 21 Jan
  • Fix available
  • Severity - 7.1 (High)
GHSA-wv3h-x6c4-r867
  • Maven/org.keycloak:keycloak-services
Keycloak services allows the issuance of access and refresh tokens for disabled users 21 Jan
  • No fix available
  • Severity - 6.5 (Medium)