Lucene search
+L

7 matches found

nessus
nessus
added 2026/02/09 12:0 a.m.5 views

Fedora 43 : plantuml (2026-e25e1b1d0f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e25e1b1d0f advisory. Update to version 1.2026.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

6.1CVSS5.6AI score0.00303EPSS
Exploits0References2
openvas
openvas
added 2026/02/09 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2026-e25e1b1d0f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.5AI score0.00303EPSS
Exploits0References6
nessus
nessus
added 2026/02/09 12:0 a.m.5 views

Fedora 42 : plantuml (2026-0d819a3a70)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0d819a3a70 advisory. Update to version 1.2026.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

6.1CVSS5.6AI score0.00303EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2026/01/16 6:30 a.m.7 views

ba.sake:hepek-components_2.12 (>=0.7.0 <=0.8.0), ba.sake:hepek-components_2.13 (>=0.7.0 <=0.9.0) +327 more potentially affected by CVE-2026-0858 via net.sourceforge.plantuml:plantuml (>=1.2017.12 <=1.2025.7)

net.sourceforge.plantuml:plantuml MAVEN version =1.2017.12, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.0.2, =0.0.1, =0.0.59, =0.0.46, =0.0.46, =1.4.0, =2.0.0-M4 and more Source cves: CVE-2026-0858 Source advisory: OSV:GHSA-HRVF-G648-RF3M...

6.1CVSS5.4AI score0.00303EPSS
Exploits0
vulnrichment
vulnrichment
added 2026/01/16 5:0 a.m.2 views

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

6.1CVSS5.9AI score0.00303EPSS
Exploits0References3
alpinelinux
alpinelinux
added 2026/01/16 5:0 a.m.6 views

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

6.1CVSS5.8AI score0.00303EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2025/12/23 2:22 p.m.8 views

ba.sake:hepek-components_2.12 (>=0.7.0 <=0.8.0), ba.sake:hepek-components_2.13 (>=0.7.0 <=0.9.0) +327 more potentially affected by CVE-2026-0858 via net.sourceforge.plantuml:plantuml (>=1.2017.12 <=1.2025.7)

net.sourceforge.plantuml:plantuml MAVEN version =1.2017.12, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.0.2, =0.0.1, =0.0.59, =0.0.46, =0.0.46, =1.4.0, =2.0.0-M4 and more Source cves: CVE-2026-0858 Source advisory: SNYK:JAVA-NETSOURCEFORGEPLANTUML-14552230...

6.1CVSS5.4AI score0.00303EPSS
Exploits0
Rows per page
Query Builder