Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2026/04/10 5:8 p.m.8 views

bg.codexio.ai:openai-api-examples (>=0.8.0.BETA <=0.9.0.BETA-JDK17), ch.cern:cerndb-sw-zkpolicy (=1.0.1-21) +307 more potentially affected by CVE-2026-34479 via org.apache.logging.log4j:log4j-core (>=3.0.0-alpha1 <=3.0.0-beta3)

org.apache.logging.log4j:log4j-core MAVEN version =3.0.0-alpha1, =0.8.0.BETA, =1.0.0, =0.0.2, =00.00.03, =1.0.6, =1.0.7, =1.0.0, =2.0.21, =1.0, =1.0.2 and more Source cves: CVE-2026-34479 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-15967804...

7.5CVSS5.4AI score0.00535EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/10 5:6 p.m.12 views

bg.codexio.ai:openai-api-examples (>=0.8.0.BETA <=0.9.0.BETA-JDK17), ch.cern:cerndb-sw-zkpolicy (=1.0.1-21) +307 more potentially affected by CVE-2026-34480 via org.apache.logging.log4j:log4j-core (>=3.0.0-alpha1 <=3.0.0-beta3)

org.apache.logging.log4j:log4j-core MAVEN version =3.0.0-alpha1, =0.8.0.BETA, =1.0.0, =0.0.2, =00.00.03, =1.0.6, =1.0.7, =1.0.0, =2.0.21, =1.0, =1.0.2 and more Source cves: CVE-2026-34480 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-15967769...

7.5CVSS5.4AI score0.0086EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/14 12:0 a.m.3 views

Sulu 代码问题漏洞

Sulu is a Symfony framework on an extensible, PHP-based open source content management system from Sulu, Austria. A code issue vulnerability exists in Sulu versions 2.5.21, 2.6.5, and 3.0.0-alpha1, which stems from an administrator user uploading SVGs that could lead to insecure XML external enti...

8.6CVSS6.6AI score0.00376EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/17 2:41 a.m.33 views

Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root. This issue is fixed in versions 2.8.1 and 3.0.0-alpha3...

8.5CVSS5.2AI score0.01795EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/17 2:41 a.m.1 views

GHSA-H24P-QWF4-84Q8 Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root. This issue is fixed in versions 2.8.1 and 3.0.0-alpha3...

7.5CVSS7.2AI score0.01795EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2019/11/20 1:38 a.m.38 views

user/group information can be corrupted across storing in fsimage and reading back from fsimage

In Apache Hadoop 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, and 2.0.0-alpha to 2.8.4, the user/group information can be corrupted across storing in fsimage and reading back from fsimage...

7.5CVSS0.9AI score0.06554EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2018/12/21 5:50 p.m.26 views

GHSA-99QR-9CC9-FV2X Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main

In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any...

7.8CVSS7.4AI score0.00347EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/06/14 12:0 a.m.17 views

Apache Hadoop Privilege Escalation Vulnerability (Jun 2017)

Apache Hadoop is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:hadoop"; i...

8.5CVSS7.2AI score0.01795EPSS
Exploits0References2
Rows per page
Query Builder