OSV - Open Source Vulnerabilities

GHSA-vr59-gm53-v7cq

Maven/org.xwiki.platform:xwiki-platform-distribution-war

XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter

6 hours ago

Fix available
Severity - 9.3 (Critical)

GHSA-jq2c-m8gg-mqcm

Maven/org.apache.jena:jena-fuseki

Apache Jena allows users with administrator access to create databases files outside the files area of the Fuseki server

3 days ago

Fix available
Severity - 4.9 (Medium)

GHSA-xg9p-p463-3qjp

Maven/org.apache.jena:jena

Apache Jena doesn't validate file access paths in configuration files uploaded by users with administrator access

3 days ago

Fix available
Severity - 7.2 (High)

GHSA-83j7-mhw9-388w

Maven/org.keycloak:keycloak-services

Keycloak is vulnerable to bad actors escalating privileges through its Fine-Grained Admin Permissions

6 days ago

No fix available
Severity - 6.5 (Medium)

GHSA-f8vw-8vgh-22r9

Maven/com.xuxueli:xxl-job-core

XXL-JOB is vulnerable to SSRF attacks

6 days ago

No fix available
Severity - 2.1 (Low)

GHSA-f7h5-c625-3795

Maven/org.glassfish.main.admingui:console-common

Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints

16 Jul

No fix available
Severity - 8.9 (High)

GHSA-62g9-99m7-w8wv

Maven/org.glassfish.main.admingui:console-cluster-plugin

Eclipse GlassFish is vulnerable to Stored XSS attacks through its Administration Console

16 Jul

No fix available
Severity - 6.1 (Medium)

GHSA-99f7-hp6j-v6q4

Maven/org.glassfish.main.admingui:console-common

Eclipse GlassFish is vulnerable to Login Brute Force attacks through unlimited failed login attempts

16 Jul

No fix available
Severity - 6.3 (Medium)

GHSA-hp97-5x6g-q538

Maven/org.glassfish.main.admingui:console-common

Eclipse GlassFish is vulnerable to Stored XSS attacks through configuration file modifications

16 Jul

No fix available
Severity - 5.8 (Medium)

GHSA-mqxx-c43h-jj9v

Maven/org.glassfish.main.admingui:console-common

Eclipse GlassFish is vulnerable to Stored XSS attacks through its Administration Console

16 Jul

No fix available
Severity - 6.1 (Medium)

GHSA-vqrm-83g6-pfv4

Maven/org.glassfish.main.admingui:console-common
Maven/org.glassfish.main.admingui:console-cluster-plugin

Eclipse GlassFish is vulnerable to Reflected XSS attacks through its Administration Console

16 Jul

No fix available
Severity - 4.5 (Medium)

GHSA-4q2v-9p7v-3v22

Maven/io.projectreactor.netty:reactor-netty-http

Reactor Netty HTTP is vulnerable to credential leaks during chained redirects

16 Jul

Fix available
Severity - 6.1 (Medium)

GHSA-vhvx-8xgc-99wf

Maven/org.dspace:dspace-api

DSpace is vulnerable to Path Traversal attacks when importing packages using Simple Archive Format

15 Jul

Fix available
Severity - 5.2 (Medium)

GHSA-jjwr-5cfh-7xwh

Maven/org.dspace:dspace-api

DSpace is vulnerable to XML External Entity injection during archive imports

15 Jul

Fix available
Severity - 6.9 (Medium)

GHSA-36wv-v2qp-v4g4

Maven/org.apache.cxf:cxf-core

Apache CXF is vulnerable to DoS attacks as entire files are read into memory and logged

15 Jul

Fix available
Severity - 5.6 (Medium)

GHSA-32mf-57h2-64x9

Maven/org.xwiki.rendering:xwiki-rendering-transformation-macro

XWiki Rendering is vulnerable to RCE attacks when processing nested macros

14 Jul

Fix available
Severity - 9.9 (Critical)