
18 matches found

CloudLinux
added 2026/03/14 4:49 p.m. · 6 views

java-1.8.0-openjdk: Fix of 5 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs: - CVE-2025-53057: Security: enforce proper access control in certificate handling to prevent data tampering - CVE-2025-53066: JAXP: restrict data access in Path Factory processing to prevent information...

CVSS 7.5 · AI score 6.7 · EPSS 0.00089
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2020-16966

Malware in sbrugna...

CVSS 9.8 · AI score 9.2 · EPSS 0.01025
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2010-1482

Malware in sbrugna...

CVSS 6.8 · AI score 6.3 · EPSS 0.0055
Exploits: 0 · References: 6
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-2100

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.3 · EPSS 0.00021
Exploits: 0 · References: 6
RedhatCVE
added 2025/05/23 5:18 a.m. · 2 views

CVE-2023-30601

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 7.8 · AI score 7.4 · EPSS 0.00021
Exploits: 0 · References: 1
SUSE CVE
added 2025/02/14 6:28 a.m. · 1 views

SUSE CVE-2023-30601

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 7.8 · AI score 7.6 · EPSS 0.00021
Exploits: 0 · References: 3
VulnCheck KEV
added 2024/07/25 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2021-40684

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running...

CVSS 9.1 · AI score 7.3 · EPSS 0.00616
Exploits: 0 · References: 1
OSV
added 2024/03/06 10:50 a.m. · 32 views

BIT-CASSANDRA-2023-30601 Apache Cassandra: Privilege escalation when enabling FQL/Audit logs

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 7.8 · AI score 8 · EPSS 0.00021
Exploits: 0 · References: 2
Tenable Nessus
added 2023/09/20 12:0 a.m. · 66 views

Apache Cassandra 4.0.x < 4.0.10 / 4.1.x < 4.1.2 Privilege Escalation

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra. This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. The vulnerability requires nodetool/JMX access to be exploitable,...

CVSS 7.8 · AI score 7.5 · EPSS 0.00021
Exploits: 0 · References: 2
Github Security Blog
added 2023/07/06 9:15 p.m. · 15 views

Apache Cassandra: Privilege escalation when enabling FQL/Audit logs

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 7.8 · AI score 7.4 · EPSS 0.00021
Exploits: 0 · References: 6 · Affected Software: 1
Veracode
added 2023/06/06 4:48 a.m. · 62 views

Privilege Escalation

cassandra-all is vulnerable to Privilege Escalation. The vulnerability exists when enabling FQL/Audit logs, which allows an attacker with JMX access to run arbitrary commands...

CVSS 7.8 · AI score 6.9 · EPSS 0.00021
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/05/30 8:15 a.m. · 1 views

CVE-2023-30601

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 7.8 · AI score 7.7
Exploits: 0 · References: 1
Prion
added 2023/05/30 8:15 a.m. · 16 views

Privilege escalation

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 4.3 · AI score 7.9 · EPSS 0.00021
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2023/05/30 7:25 a.m. · 367 views

CVE-2023-30601

CVE-2023-30601 : Privilege escalation in Apache Cassandra when enabling FQL/Audit logs. A local attacker with nodetool/JMX access can execute arbitrary commands as the Cassandra process user due to a flaw in the FQL/Audit logs implementation. Affected versions: Cassandra 4.0.0–4.0.9 and 4.1.0–4.1...

CVSS 7.8 · AI score 7.8 · EPSS 0.00021
Exploits: 0 · References: 1 · Affected Software: 1
Vulnrichment
added 2023/05/30 7:25 a.m. · 11 views

CVE-2023-30601 Apache Cassandra: Privilege escalation when enabling FQL/Audit logs

Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running Apache Cassandra This issue affects Apache Cassandra: from 4.0.0 through 4.0.9, from 4.1.0 through 4.1.1. WORKAROUND The vulnerability requires nodetool/JMX access to be...

CVSS 7.8 · AI score 7.4 · EPSS 0.00021
Exploits: 0 · References: 1
Positive Technologies
added 2023/05/30 12:0 a.m. · 2 views

PT-2023-22802 · Apache · Apache Cassandra

Name of the Vulnerable Software and Affected Versions: Apache Cassandra versions 4.0.0 through 4.0.9 Apache Cassandra versions 4.1.0 through 4.1.1 Description: The issue is related to privilege escalation when enabling FQL/Audit logs, allowing a user with JMX access to run arbitrary commands as t...

CVSS 7.8 · AI score 7.5 · EPSS 0.00021
Exploits: 0 · References: 12
RedHat Linux
added 2013/01/24 6:28 p.m. · 1 views

JBoss: AuthorizationInterceptor allows JMX operation to proceed despite authorization failure

The AuthorizationInterceptor in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intended role restrictions and...

CVSS 4.9 · AI score 6.4 · EPSS 0.00518
Exploits: 0 · References: 4
RedHat Linux
added 2012/11/15 9:13 p.m. · 2 views

OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

CVSS 10 · AI score 7.4 · EPSS 0.12617
Exploits: 0 · References: 5