Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-xrhh-hx36-485q
  • Maven/io.strimzi:strimzi
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands 18 hours ago
  • Fix available
  • Severity - 7.4 (High)
GHSA-cmp6-m4wj-q63q
  • Maven/at.yawk.lz4:lz4-java
  • Maven/org.lz4:lz4-java
  • Maven/org.lz4:lz4-pure-java
  • Maven/net.jpountz.lz4:lz4
yawkat LZ4 Java has a possible information leak in Java safe decompressor 21 hours ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-f58c-gq56-vjjf
  • Maven/org.apache.tika:tika-core
  • Maven/org.apache.tika:tika-parsers
  • Maven/org.apache.tika:tika-parser-pdf-module
Apache Tika has XXE vulnerability yesterday
  • Fix available
  • Severity - 10.0 (Critical)
GHSA-4hr2-xf7w-jf76
  • Maven/com.linecorp.centraldogma:centraldogma-server-auth-shiro
Central Dogma's Login Function Has an Open Redirect Vulnerability yesterday
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-3w8q-xq97-5j7x
  • Maven/org.mozilla:rhino
Rhino has high CPU usage and potential DoS when passing specific numbers to `toFixed()` function 2 days ago
  • Fix available
  • Severity - 2.7 (Low)
GHSA-fxp5-37mh-vff5
  • Maven/com.blazemeter.plugins:BlazeMeterJenkinsPlugin
BlazeMeter Jenkins Plugin is Missing Authorization for Available Resources 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-vjr8-56p3-fmqq
  • Maven/org.keycloak:keycloak-quarkus-server
Keycloak unable to restrict access to the admin console 4 days ago
  • Fix available
  • Severity - 3.7 (Low)
GHSA-j4vq-q93m-4683
  • Maven/org.keycloak:keycloak-quarkus-dist
Keycloak has debug default bind address 4 days ago
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-53gx-j3p6-2rw9
  • Maven/org.xwiki.platform:xwiki-platform-tool-jetty-resources
XWiki Jetty Package (XJetty) allows accessing any application file through URL 4 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-xx7v-hqxh-cjr9
  • Maven/org.apache.struts:struts2-core
Apache Struts is Vulnerable to DoS via File Leak 4 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-53v5-9752-qq92
  • Maven/org.nutz:nutzboot-parent
NutzBoot Incorrect Privilege Assignment vulnerability 5 days ago
  • No fix available
  • Severity - 5.5 (Medium)
GHSA-fgmj-6h3v-4q56
  • Maven/org.nutz:nutzboot-parent
NutzBoot vulnerable to deserialization 5 days ago
  • No fix available
  • Severity - 2.9 (Low)
GHSA-qp56-qj59-hjf8
  • Maven/org.nutz:nutzboot-parent
NutzBoot vulnerable to information disclosure 5 days ago
  • No fix available
  • Severity - 2.1 (Low)
GHSA-vqf4-7m7x-wgfc
  • Maven/at.yawk.lz4:lz4-java
  • Maven/org.lz4:lz4-java
  • Maven/org.lz4:lz4-pure-java
  • Maven/net.jpountz.lz4:lz4
LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS 28 Nov
  • Fix available
  • Severity - 8.8 (High)
GHSA-x832-fpvj-r5ph
  • Maven/org.mustangproject:library
  • Maven/org.mustangproject:validator
Mustangproject allows exfiltrating files via XXE attacks 28 Nov
  • Fix available
  • Severity - 2.8 (Low)
GHSA-5p82-2q3r-wj3m
  • Maven/org.thingsboard:application
ThingsBoard allows an authenticated user to upload malicious SVG images 27 Nov
  • Fix available
  • Severity - 6.2 (Medium)