EUVD-2026-5007

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions starting with 7.19.0 and prior to 7.21.0 and 8.2.0 have an incomplete fix for CVE-2026-23947. While the jsStringEscape function properly handles single quotes ', double quotes " and so...

FasterXML Vulnerability in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.17.0, 7.21.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, and 8.13.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

SUSE CVE-2018-1000121

A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service...

PT-2021-5809 · Atlassian +5 · Bitbucket +6

Name of the Vulnerable Software and Affected Versions: Apache Velocity Engine versions up to 2.2 Bitbucket Data Center and Server versions 7.21.0 through 7.21.7 Description: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with...

DEBIAN-CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

PT-2019-7839 · Red Hat · Business Central +1

Name of the Vulnerable Software and Affected Versions: KIE server and Business Central versions prior to 7.21.0.Final Description: A security issue has been reported where username and password are stored as plaintext Java properties. This allows any application deployed on the same server to...

CVE-2018-1000121

A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service...

CVE-2018-1000121

A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service...

cURL >= 7.21.0 and < 7.49.0 MitM Spoofing

Binary data 802007.prm...

[SECURITY] [DLA 64-1] curl security update

Package : curl Version : 7.21.0-2.1+squeeze9 CVE ID : CVE-2014-3613 CVE-2014-3613 By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary site...