Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-wf8f-6423-gfxg
  • Maven/com.fasterxml.jackson.core:jackson-core
 Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation 22 hours ago
  • Fix available
  • Severity - 4.0 (Medium)
GHSA-qx7g-fx8q-545g
  • Maven/com.erudika:para-server
 Para Inserts Sensitive Information into Log File for Facebook authentication yesterday
  • No fix available
  • Severity - 6.2 (Medium)
GHSA-7v6m-28jr-rg84
  • Maven/org.hibernate.validator:hibernate-validator
 Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language 4 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-9qvj-rpj8-v5c8
  • Maven/org.apache.pekko:pekko-management_2.12
  • Maven/com.lightbend.akka.management:akka-management_2.13
  • Maven/org.apache.pekko:pekko-management_2.13
  • Maven/org.apache.pekko:pekko-management_3
  • Maven/com.lightbend.akka.management:akka-management_2.12
  • Maven/com.lightbend.akka.management:akka-management_3
 Pekko Management may not properly apply authenticator when Basic Authentication enabled 4 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-5gr5-vmmr-82g6
  • Maven/xyz.erupt:erupt
 Erupt Unrestricted Upload of File with Dangerous Type vulnerability 4 days ago
  • No fix available
  • Severity - 5.4 (Medium)
GHSA-xpxp-r8hf-wgf6
  • Maven/org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.ui
 WSO2 products vulnerable to Cross-site Scripting 5 days ago
  • Fix available
  • Severity - 5.2 (Medium)
GHSA-v75g-77vf-6jjq
  • Maven/com.erudika:para-server
 Para Server Logs Sensitive Information 30 May
  • Fix available
  • Severity - 6.2 (Medium)
GHSA-j63j-7r7r-5v4j
  • Maven/org.wso2.am:am-parent
  • Maven/org.wso2.is:identity-server-parent
 WSO2 products vulnerable to privilege escalation due to business logic flaw in SOAP admin services 30 May
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-6j2q-c73v-97c5
  • Maven/org.springframework.cloud:spring-cloud-gateway-server
 Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies 30 May
  • Fix available
  • Severity - 8.6 (High)
GHSA-h2fw-rfh5-95r3
  • Maven/org.apache.tomcat:tomcat-catalina
  • Maven/org.apache.tomcat.embed:tomcat-embed-core
 Apache Tomcat - CGI security constraint bypass 29 May
  • Fix available
  • Severity - 1.7 (Low)
GHSA-wxr5-93ph-8wr9
  • Maven/commons-beanutils:commons-beanutils
  • Maven/org.apache.commons:commons-beanutils2
 Apache Commons Improper Access Control vulnerability 28 May
  • Fix available
  • Severity - 8.8 (High)
GHSA-965r-9cg9-g42p
  • Maven/com.ritense.valtimo:objecten-api
  • Maven/com.ritense.valtimo:object-management
 Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users 28 May
  • Fix available
  • Severity - 8.3 (High)
GHSA-532x-j9r7-8f73
  • Maven/org.apache.inlong:manager-pojo
 Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass 28 May
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-98v7-xxxv-hcrh
  • Maven/org.apache.inlong:manager-pojo
 Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read 28 May
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-r324-vgr5-73c9
  • Maven/org.apache.inlong:manager-pojo
 Apache InLong: JDBC Vulnerability during verification processing 28 May
  • Fix available
  • Severity - 8.1 (High)
GHSA-g88v-2j67-9rmx
  • Maven/org.codelibs.fess:fess
 Fess has Insecure Temporary File Permissions 27 May
  • Fix available
  • Severity - 1.2 (Low)
Load more...