Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-jx2w-vp7f-456q
  • Maven/io.quarkiverse.openapi.generator:quarkus-openapi-generator
 quarkus-openapi-generator extension has Zip Slip Path Traversal in ApicurioCodegenWrapper class yesterday
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-gc59-r5jq-98qw
  • Maven/org.eclipse.jetty.ee10:jetty-ee10
 Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables yesterday
  • Fix available
  • Severity - 7.4 (High)
GHSA-h259-74h5-4rh9
  • Maven/org.xwiki.platform:xwiki-platform-legacy-oldcore
  • Maven/org.xwiki.platform:xwiki-platform-oldcore
 XWiki vulnerable to remote code execution with script right through unprotected Velocity scripting API yesterday
  • Fix available
  • Severity - 8.6 (High)
GHSA-hxf2-gm22-7vcm
  • Maven/gov.nsa.emissary:emissary
 Emissary has a Path Traversal via Blacklist Bypass in Configuration API 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-6c37-7w4p-jg9v
  • Maven/gov.nsa.emissary:emissary
 Emissary has a Command Injection via PLACE_NAME Configuration in Executrix 2 days ago
  • Fix available
  • Severity - 7.2 (High)
GHSA-3g6g-gq4r-xjm9
  • Maven/gov.nsa.emissary:emissary
 Emissary has GitHub Actions Shell Injection via Workflow Inputs 2 days ago
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-wpwf-v25w-54g3
  • Maven/tech.powerjob:powerjob-server-starter
 PowerJob's GroovyEvaluator.evaluate endpoint vulnerable to code injection 2 days ago
  • No fix available
  • Severity - 6.9 (Medium)
GHSA-4fp2-3xgg-jg4w
  • Maven/tech.powerjob:powerjob-server-starter
 PowerJob vulnerable to SQL injection 2 days ago
  • No fix available
  • Severity - 5.5 (Medium)
GHSA-cpm7-cfpx-3hvp
  • Maven/gov.nsa.emissary:emissary
 Emissary has Stored XSS via Navigation Template Link Injection 2 days ago
  • Fix available
  • Severity - 4.8 (Medium)
GHSA-8jxr-pr72-r468
  • Maven/io.modelcontextprotocol.sdk:mcp-core
 Java-SDK has a DNS Rebinding Vulnerability 2 days ago
  • Fix available
  • Severity - 7.6 (High)
GHSA-fh34-c629-p8xj
  • Maven/org.apache.cassandra:cassandra-all
 Apache Cassandra has sensitive Information Leak in cqlsh 2 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-qffm-gf3j-6mvg
  • Maven/org.apache.cassandra:cassandra-all
 Apache Cassandra has an authenticated DoS over CQL 2 days ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-qxpc-96fq-wwmg
  • Maven/org.apache.cassandra:cassandra-all
 Apache Cassandra is vulnerable to privilege escalation in an mTLS environment using MutualTlsAuthenticator 2 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-2cqq-rpvq-g5qj
  • Maven/org.openidentityplatform.openam:openam
 OpenIdentityPlatform OpenAM: Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM 2 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-h2h4-5m64-m273
  • Maven/org.apache.activemq:activemq-all
  • Maven/org.apache.activemq:activemq-broker
  • Maven/org.apache.activemq:activemq-client
  • Maven/org.apache.activemq:activemq-web
 Apache ActiveMQ: Improper validation and restriction of a classpath path name 3 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-5v8v-xvjv-57x7
  • Maven/org.keycloak:keycloak-services
 Keycloak vulnerable to information disclosure via CORS header injection due to unvalidated JWT azp claim 4 days ago
  • No fix available
  • Severity - 3.7 (Low)
Load more...