Vulnerability Library

ID
Packages
Summary
Published
Attributes
GHSA-2hjr-vmf3-xwvp
  • Maven/org.elasticsearch:elasticsearch
Elasticsearch Insertion of Sensitive Information into Log File (published yesterday)
  • Fix available
  • Severity - 4.1 (Medium)
GHSA-7726-43hg-m23v
  • Maven/org.openidentityplatform.openam:openam-oauth2
OpenAM FreeMarker template injection (published yesterday)
  • Fix available
  • Severity - 8.8 (High)
GHSA-p528-3mvf-gr87
  • Maven/org.springframework.cloud:spring-cloud-skipper
Remote code execution in Spring Cloud Data Flow (published yesterday)
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-8gj9-r4hv-3jjw
  • Maven/org.apache.pinot:pinot-controller
Apache Pinot: Unauthorized endpoint exposed sensitive information (published 2 days ago)
  • Fix available
  • Severity - 8.7 (High)
GHSA-v62g-jwj9-rfvx
  • Maven/org.apache.drill.exec:drill-java-exec
XML External Entity Reference (XXE) in the XML Format Plugin in Apache Drill (published 2 days ago)
  • Fix available
  • Severity - 6.4 (Medium)
GHSA-crjg-w57m-rqqf
  • Maven/dnsjava:dnsjava
DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks (published 4 days ago)
  • Fix available
  • Severity - 7.7 (High)
GHSA-mmwx-rj87-vfgr
  • Maven/dnsjava:dnsjava
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources (published 4 days ago)
  • Fix available
  • Severity - 7.1 (High)
GHSA-cfxw-4h78-h7fw
  • Maven/dnsjava:dnsjava
DNSJava DNSSEC Bypass (published 4 days ago)
  • Fix available
  • Severity - 7.0 (High)
GHSA-8pxv-x6jq-5vw9
  • Maven/org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui
  • Maven/org.apache.syncope.client.idrepo:syncope-client-idrepo-console
Apache Syncope Improper Input Validation vulnerability (published 4 days ago)
  • Fix available
  • Severity - 7.1 (High)
GHSA-q9w2-h4cw-8ghp
  • Maven/org.apache.rocketmq:rocketmq-all
Apache RocketMQ Vulnerable to Unauthorized Exposure of Sensitive Data (published 4 days ago)
  • Fix available
  • Severity - 6.0 (Medium)
GHSA-w36w-948j-xhfw
  • Maven/ai.h2o:h2o-core
H2O vulnerable to Deserialization of Untrusted Data (published 5 days ago)
  • No fix available
  • Severity - 7.7 (High)
GHSA-4mgg-fqfq-64hg
  • Maven/org.apache.cxf:cxf-rt-transports-http
Apache CXF allows unrestricted memory consumption in CXF HTTP clients (published 19 Jul)
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-5m3j-pxh7-455p
  • Maven/org.apache.cxf:cxf-rt-rs-service-description
Apache CXF: SSRF vulnerability via WADL stylesheet parameter (published 19 Jul)
  • Fix available
  • Severity - 7.7 (High)
GHSA-6pff-fmh2-4mmf
  • Maven/org.apache.cxf:cxf-rt-rs-security-jose
Apache CXF Denial of Service vulnerability in JOSE (published 19 Jul)
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-q8f2-hxq5-cp4h
  • Maven/io.netty.incubator:netty-incubator-codec-bhttp
Absent Input Validation in BinaryHttpParser (published 18 Jul)
  • Fix available
  • Severity - 8.1 (High)
GHSA-xmvg-335g-x44q
  • Maven/org.opensearch.plugin:opensearch-reports-scheduler
The OpenSearch reporting plugin improperly controls tenancy access to reporting resources (published 18 Jul)
  • Fix available
  • Severity - 5.3 (Medium)