Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-24mc-gc52-47jv
  • NuGet/ICG.AspNetCore.Utilities.CloudStorage
ICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than Expected 16 hours ago
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-v9xq-2mvm-x8xc
  • NuGet/Duende.IdentityServer
Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs 2 days ago
  • Fix available
  • Severity - 2.1 (Low)
GHSA-j945-c44v-97g6
  • Maven/net.sf.mpxj:mpxj
  • RubyGems/mpxj
  • PyPI/mpxj
  • NuGet/net.sf.mpxj
  • NuGet/net.sf.mpxj-for-csharp
  • NuGet/net.sf.mpxj-for-vb
  • NuGet/MPXJ.Net
MPXJ has a Potential Path Traversal Vulnerability 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-wxw9-6pv9-c3xc
  • NuGet/Umbraco.CMS
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out 22 Oct
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-5955-cwv4-h7qh
  • NuGet/UmbracoCms
  • NuGet/Umbraco.Cms
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice 22 Oct
  • Fix available
  • Severity - 4.6 (Medium)
GHSA-fp6q-gccw-7qqm
  • NuGet/Umbraco.CMS
  • NuGet/UmbracoCMS
Umbraco CMS logout page displayed before session expiration 22 Oct
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-4gp9-ff99-j6vj
  • NuGet/Umbraco.CMS
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API 22 Oct
  • Fix available
GHSA-c5g6-6xf7-qxp3
  • NuGet/Umbraco.Cms.StaticAssets
  • npm/@umbraco-cms/backoffice
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section 22 Oct
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-7vfh-cqpc-4267
  • NuGet/OPCFoundation.NetStandard.Opc.Ua
  • NuGet/OPCFoundation.NetStandard.Opc.Ua.Core
Security Update for the OPC UA .NET Standard Stack 18 Oct
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-qm9f-c3v9-wphv
  • NuGet/OPCFoundation.NetStandard.Opc.Ua.Core
  • NuGet/OPCFoundation.NetStandard.Opc.Ua
Security Update for the OPC UA .NET Standard Stack 18 Oct
  • Fix available
  • Severity - 7.5 (High)
GHSA-4qm4-8hg2-g2xm
  • NuGet/MessagePack
MessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflow 17 Oct
  • Fix available
MAL-2024-9932
  • Not specified
Malicious code in LibEmbedder.Fody (NuGet) 16 Oct
  • No fix available
MAL-2024-9931
  • Not specified
Malicious code in Blazor.Net (NuGet) 16 Oct
  • No fix available
GHSA-8g4q-xg66-9fp4
  • NuGet/System.Text.Json
Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability 08 Oct
  • Fix available
  • Severity - 8.8 (High)
GHSA-f32c-w444-8ppv
  • NuGet/System.IO.Packaging
Microsoft Security Advisory CVE-2024-43484 | .NET Denial of Service Vulnerability 08 Oct
  • Fix available
  • Severity - 8.8 (High)
GHSA-qj66-m88j-hmgj
  • NuGet/System.Security.Cryptography.Cose
  • NuGet/System.IO.Packaging
  • NuGet/Microsoft.Extensions.Caching.Memory
Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability 08 Oct
  • Fix available
  • Severity - 8.8 (High)