Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-6g3j-p5g6-992f
  • Maven/org.opensearch:opensearch
OpenSearch StackOverflow vulnerability
  • 1.0.0
  • 1.1.0
  • 1.2.0
  • 1.2.1
  • 1.2.2
  • 1.2.3
  • 1.2.4
  • ...
2023-12-01T19:23:32Z Fix available
GHSA-fg29-37px-c7wm
  • Maven/com.ruoyi:ruoyi
RuoYi vulnerable to SQL injection vulnerability
  • See details.
2023-12-01T15:31:22Z No fix available
GHSA-j24h-xcpc-9jw8
  • Maven/org.eclipse.platform:org.eclipse.ant.ui
  • Maven/org.eclipse.platform:org.eclipse.core.variables
  • Maven/org.eclipse.platform:org.eclipse.debug.core
  • Maven/org.eclipse.platform:org.eclipse.debug.ui
  • Maven/org.eclipse.platform:org.eclipse.core.resources
  • Maven/org.eclipse.core:org.eclipse.core.runtime
  • Maven/org.eclipse.platform:org.eclipse.ant.core
  • Maven/org.eclipse.platform:org.eclipse.ant.launching
  • Maven/org.eclipse.platform:org.eclipse.team.ui
  • Maven/org.eclipse.platform:org.eclipse.compare.examples.xml
  • Maven/org.eclipse.platform:org.eclipse.help.base
  • Maven/org.eclipse.platform:org.eclipse.help.ui
  • Maven/org.eclipse.platform:org.eclipse.help.webapp
  • Maven/org.eclipse.platform:org.eclipse.help
  • Maven/org.eclipse.platform:org.eclipse.tips.ide
  • Maven/org.eclipse.platform:org.eclipse.ui.cheatsheets
  • Maven/org.eclipse.platform:org.eclipse.ui.intro.universal
  • Maven/org.eclipse.platform:org.eclipse.ui.intro
  • Maven/org.eclipse.platform:org.eclipse.update.configurator
Eclipse IDE XXE in eclipse.platform
  • 3.6.201
  • 3.7.0
  • 3.7.100
  • 3.7.1000
  • 3.7.1200
  • 3.7.200
  • 3.7.300
  • ...
2023-11-30T19:52:54Z Fix available
GHSA-77jg-cpw9-73vg
  • Maven/org.apache.cocoon:cocoon
Apache Cocoon Improper Restriction of XML External Entity Reference vulnerability
  • See details.
2023-11-30T12:30:18Z Fix available
GHSA-8v4w-jr33-4rh3
  • Maven/org.apache.cocoon:cocoon
Apache Cocoon SQL Injection vulnerability
  • See details.
2023-11-30T09:30:32Z Fix available
GHSA-r44q-98gx-pmh2
  • Maven/org.apache.dolphinscheduler:dolphinscheduler-api
  • Maven/org.apache.dolphinscheduler:dolphinscheduler-common
  • Maven/org.apache.dolphinscheduler:dolphinscheduler-dao
  • Maven/org.apache.dolphinscheduler:dolphinscheduler-service
Apache DolphinScheduler Missing Authorization vulnerability
  • 1.2.0
  • 1.2.1
  • 1.3.0
  • 1.3.1
  • 1.3.2
  • 1.3.3
  • 1.3.4
  • ...
2023-11-30T09:30:32Z Fix available
GHSA-8hc5-rmgf-qx6p
  • Maven/org.keycloak:keycloak-ldap-federation
  • Maven/org.keycloak:keycloak-services
Keycloak vulnerable to LDAP Injection on UsernameForm Login
  • 1.0-beta-4
  • 1.0-final
  • 1.0-rc-1
  • 1.0-rc-2
  • 1.0.1.Final
  • 1.0.2.Final
  • 1.0.3.Final
  • ...
2023-11-29T21:33:07Z Fix available
GHSA-82q9-88m2-4v68
  • Maven/org.jenkins-ci.plugins:matlab
Jenkins MATLAB Plugin XML External Entity vulnerability
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.1.0
  • 1.1.1
  • 1.1.2
  • ...
2023-11-29T15:30:21Z Fix available
GHSA-9f5g-rgcr-8grw
  • Maven/org.jenkins-ci.plugins:matlab
Jenkins MATLAB Plugin cross-site request forgery vulnerability
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.1.0
  • 1.1.1
  • 1.1.2
  • ...
2023-11-29T15:30:21Z Fix available
GHSA-cv4x-9f34-8rp9
  • Maven/org.jenkins-ci.plugins:matlab
Jenkins MATLAB Plugin missing permission checks
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.1.0
  • 1.1.1
  • 1.1.2
  • ...
2023-11-29T15:30:21Z Fix available
GHSA-pgpj-83g3-mfr2
  • Maven/org.jenkins-ci.plugins:google-compute-engine
Jenkins Google Compute Engine Plugin has incorrect permission checks
  • 1.0-beta-1
  • 1.0-beta-2
  • 1.0.0
  • 1.0.1
  • 1.0.10
  • 1.0.2
  • 1.0.3
  • ...
2023-11-29T15:30:21Z Fix available
GHSA-ph87-4x2g-6hp4
  • Maven/o.jenkins.plugins:neuvector-vulnerability-scanner
Jenkins NeuVector Vulnerability Scanner Plugin missing permission check
  • See details.
2023-11-29T15:30:21Z Fix available
GHSA-qmhq-876f-cr65
  • Maven/org.jenkins-ci.plugins:jira
Jenkins Jira Plugin vulnerable to exposure of system-scoped credentials
  • 1.27
  • 1.28
  • 1.29
  • 1.30
  • 1.31
  • 1.32
  • 1.33
  • ...
2023-11-29T15:30:21Z Fix available
GHSA-wpfc-r5qq-7r7p
  • Maven/o.jenkins.plugins:neuvector-vulnerability-scanner
Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability
  • See details.
2023-11-29T15:30:21Z Fix available
GHSA-vmq6-5m68-f53m
  • Maven/ch.qos.logback:logback-classic
  • Maven/ch.qos.logback:logback-core
logback serialization vulnerability
  • 0.2.5
  • 0.3
  • 0.5
  • 0.6
  • 0.7
  • 0.7.1
  • 0.8
  • ...
2023-11-29T12:30:16Z Fix available
GHSA-53v4-42fg-g287
  • Maven/org.apache.activemq:apache-activemq
Apache ActiveMQ Deserialization of Untrusted Data vulnerability
  • 4.1.1
  • 4.1.2
  • 5.0.0
  • 5.1.0
  • 5.10.0
  • 5.10.1
  • 5.10.2
  • ...
2023-11-28T18:30:23Z Fix available