Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-5w52-96jj-fv59
  • Maven/org.jenkins-ci.plugins:vmanager-plugin
Jenkins Cadence vManager Plugin Vulnerable to Cross-Site Request Forgery 4 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-cp9r-g575-xc5f
  • Maven/io.jenkins.plugins:dingding-notifications
Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation 4 days ago
  • No fix available
  • Severity - 5.9 (Medium)
GHSA-p89h-p4ph-4vj6
  • Maven/org.jenkins-ci.plugins:wso2id-oauth
Jenkins WSO2 Oauth Plugin Fails to Properly Authenticate User Credentials 4 days ago
  • No fix available
  • Severity - 8.7 (High)
GHSA-q7c3-x7hm-qq72
  • Maven/io.jenkins.plugins:oidc-provider
Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens 4 days ago
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-rf73-97j8-9vqh
  • Maven/org.jenkins-ci.plugins:vmanager-plugin
Jenkins Cadence vManager Plugin is Missing Permission Checks 4 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-xrpq-4g9w-qrwj
  • Maven/org.jenkins-ci.plugins:cloudbees-jenkins-advisor
Jenkins Health Advisor by CloudBees Plugin Vulnerable to Cross-Site Scripting 4 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-pwm3-776c-8q7q
  • Maven/io.github.bonigarcia:webdrivermanager
BoniGarcia WebDriverManager Affected By Improper Restriction of XML External Entity Reference 4 days ago
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-5fc3-pqf2-57cx
  • Maven/org.apache.iotdb:node-commons
Apache IoTDB Discloses Sensitive Information via Log Files 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-f4rq-f4j9-f6rm
  • Maven/org.apache.iotdb:iotdb-core
Apache IoTDB Vulnerable to Remote Code Execution 5 days ago
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-gp98-hfvm-2r4x
  • Maven/org.apache.iotdb:iotdb-jdbc
Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-pvp8-3xj6-8c6x
  • Maven/commons-configuration:commons-configuration
Apache Commons Configuration Uncontrolled Resource Consumption 09 May
  • No fix available
  • Severity - 2.7 (Low)
GHSA-889j-63jv-qhr8
  • Maven/org.eclipse.jetty.http2:jetty-http2-common
Eclipse Jetty HTTP/2 client can force the server to allocate a humongous byte buffer that may lead to OoM and subsequently the JVM to exit 08 May
  • Fix available
  • Severity - 7.5 (High)
GHSA-q4rv-gq96-w7c5
  • Maven/org.eclipse.jetty:jetty-server
**UNSUPPORTED WHEN ASSIGNED** GzipHandler causes part of request body to be seen as request body of a separate request 08 May
  • Fix available
  • Severity - 7.2 (High)
GHSA-72qj-48g4-5xgx
  • Maven/rubygems:jruby-openssl
  • Maven/org.jruby:jruby
JRuby-OpenSSL has hostname verification disabled by default 07 May
  • Fix available
  • Severity - 5.7 (Medium)
GHSA-76vf-mpmx-777j
  • Maven/org.graylog2:graylog2-server
Graylog Allows Session Takeover via Insufficient HTML Sanitization 07 May
  • Fix available
  • Severity - 8.0 (High)
GHSA-q9q2-3ppx-mwqf
  • Maven/org.graylog2:graylog2-server
Graylog Allows Stored Cross-Site Scripting via Files Plugin and API Browser 07 May
  • Fix available
  • Severity - 7.3 (High)