Vulnerability Database
Blog
FAQ
Docs
Vulnerabilities
search
All ecosystems
314969
AlmaLinux
3790
Alpine
3741
Android
2907
Bitnami
5664
Chainguard
27727
CRAN
10
crates.io
1730
Debian
46982
GHC
3
GIT
29716
GitHub Actions
28
Go
4348
Hackage
24
Hex
37
Linux
13573
Mageia
5643
Maven
5638
MinimOS
1805
npm
27255
NuGet
1446
openSUSE
10096
OSS-Fuzz
3623
Packagist
4739
Pub
10
PyPI
15992
Red Hat
16413
Rocky Linux
1758
RubyGems
1685
SUSE
16465
SwiftURL
35
Ubuntu
46997
Wolfi
15089
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-j288-q9x7-2f5v
Maven/org.apache.commons:commons-lang3
Maven/commons-lang:commons-lang
Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs
2 days ago
Fix available
Severity - 6.5 (Medium)
GHSA-xwmg-2g98-w7v9
Maven/com.nimbusds:nimbus-jose-jwt
Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON
2 days ago
Fix available
Severity - 5.8 (Medium)
GHSA-25xr-qj8w-c4vf
Maven/org.apache.tomcat:tomcat-coyote
Apache Tomcat Coyote vulnerable to Denial of Service via excessive HTTP/2 streams
3 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-4j3c-42xv-3f84
Maven/org.apache.tomcat:tomcat-util
Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector
3 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-wr62-c79q-cv37
Maven/org.apache.tomcat:tomcat-catalina
Apache Tomcat Catalina is vulnerable to DoS attack through bypassing of size limits
3 days ago
Fix available
Severity - 6.3 (Medium)
GHSA-gj52-35xm-gxjh
Maven/org.keycloak:keycloak-services
Keycloak vulnerable to phishing attacks through its Review Profile section
3 days ago
Fix available
Severity - 5.4 (Medium)
GHSA-23j7-px3w-jwp2
Maven/io.jenkins.plugins:xooa
Jenkins Xooa Plugin vulnerability does not mask its Xooa Deployment Token
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-2g8w-9933-36vr
Maven/org.jenkins-ci.plugins:warrior
Jenkins Warrior Framework Plugin vulnerability exposes unencrypted passwords to certain authenticated users
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-56h7-r62c-83qp
Maven/io.jenkins.plugins:xooa
Jenkins Xooa Plugin vulnerability exposes unencrypted tokens to authenticated users
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-8gp3-m447-gw2v
Maven/org.jenkins-ci.plugins:vaddy-plugin
Jenkins VAddy Plugin vulnerability exposes plaintext keys on its job configuration form
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-jmrv-rxgr-phvr
Maven/org.jenkins-ci.plugins:applitools-eyes
Jenkins Applitools Eyes Plugin vulnerability does not mask API keys on its job configuration form
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-q92v-3f4w-5xg8
Maven/org.jenkins-ci.plugins:pplitools-eyes
Jenkins Applitools Eyes Plugin vulnerability exposes unencrypted keys to certain authenticated users
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-w4xv-mj6v-p4g2
Maven/io.jenkins.plugins:user1st-utester
Jenkins User1st uTester Plugin vulnerability exposes unencrypted token to authenticated users
4 days ago
No fix available
Severity - 3.3 (Low)
GHSA-26x3-7jw5-7mg4
Maven/org.jenkins.plugins.statistics.gatherer:statistics-gatherer
Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-28j3-hphh-cjr8
Maven/com.apica:ApicaLoadtest
Jenkins Apica Loadtest Plugin vulnerability exposes authentication tokens
4 days ago
No fix available
Severity - 4.3 (Medium)
GHSA-45hr-8gq6-7f7f
Maven/org.jenkins-ci.plugins:nouvola-divecloud
Jenkins Nouvola DiveCloud Plugin vulnerability stores unencrypted credentials
4 days ago
No fix available
Severity - 4.3 (Medium)
Load more...
Maven - OSV