CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Positive Technologies•added 2024/01/01 12:0 a.m.•2 views

PT-2024-40553 · Unknown · Checkstyle

Name of the Vulnerable Software and Affected Versions: Checkstyle affected versions not specified Description: A security exception occurs in the JavaLanguageParser.expr function, potentially related to encoding issues in the UTF 8.updatePositions and UTF 8$Encoder.encodeArrayLoop functions...

7AI score

Exploits0References2

Positive Technologies•added 2023/11/01 12:0 a.m.•2 views

PT-2023-35556 · Unknown · Checkstyle

Name of the Vulnerable Software and Affected Versions: Checkstyle affected versions not specified Description: A security exception occurs due to a crash in the getInnerBopAst function of JavaAstVisitor class in Checkstyle. The issue is related to the ReferencePipeline$3$1.accept and...

6.9AI score

Exploits0References2

Positive Technologies•added 2023/07/27 12:0 a.m.•2 views

PT-2023-35924 · Unknown · Checkstyle

Name of the Vulnerable Software and Affected Versions: Checkstyle affected versions not specified Description: A security exception occurs in the JavaLanguageParser.expr function, leading to a crash. The issue is related to the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr...

6.9AI score

Exploits0References2

Positive Technologies•added 2023/07/17 12:0 a.m.•2 views

PT-2023-35912 · Unknown · Checkstyle

Name of the Vulnerable Software and Affected Versions: Checkstyle affected versions not specified Description: A security exception occurs in the JavaLanguageParser.expr function, leading to a crash. The issue is related to the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr...

6.9AI score

Exploits0References2

SUSE CVE•added 2023/02/15 4:20 a.m.•1 views

SUSE CVE-2018-1000009

Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...

8.8CVSS8.7AI score0.00065EPSS

Exploits0References4

vulnersOsv•added 2022/05/14 3:46 a.m.•1 views

com.groupon.jenkins-ci.plugins:DotCi-Plugins-Starter-Pack (>=1.7.2 <=1.8.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.7.1) +1 more potentially affected by CVE-2018-1000009 via org.jvnet.hudson.plugins:checkstyle (>=3.32 <=3.43)

org.jvnet.hudson.plugins:checkstyle MAVEN version =3.32, =1.7.2, =1.0.0, =1.7.1 - org.jenkins-ci.plugins:php =1.0 Source cves: CVE-2018-1000009 Source advisory: OSV:GHSA-JFJ9-7J5W-6XGX...

8.8CVSS7.2AI score0.00065EPSS

Exploits0

Snyk•added 2020/01/25 6:47 p.m.•2 views

XML External Entity (XXE) Injection

Overview com.puppycrawl.tools:checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. Affected versions of this package are vulnerable to XML External Entity XXE Injection due to an incomplete fix for CVE-2019-9658 checkstyle was still vulnerable to...

5.9CVSS7.5AI score0.03682EPSS

Exploits1References2