de.eonas.portal.demo:content (=0.1), de.eonas.portal.demo:templates (=0.1) +107 more potentially affected by CVE-2024-42699 via org.opencms:opencms-core (>=8.0.1 <=9.5.3)

org.opencms:opencms-core MAVEN version =8.0.1, =8.5.1.1, =8.5.1.1, =8.0.1, =8.0.1, =8.0.4, =8.5.0, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.5.0, =8.5.2 and more Source cves: CVE-2024-42699 Source advisory: SNYK:JAVA-ORGOPENCMS-9802334...

de.eonas.portal.demo:content (=0.1), de.eonas.portal.demo:templates (=0.1) +107 more potentially affected by CVE-2024-41446 via org.opencms:opencms-core (>=8.0.1 <=9.5.3)

org.opencms:opencms-core MAVEN version =8.0.1, =8.5.1.1, =8.5.1.1, =8.0.1, =8.0.1, =8.0.4, =8.5.0, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.5.0, =8.5.2 and more Source cves: CVE-2024-41446 Source advisory: SNYK:JAVA-ORGOPENCMS-9802335...

org.webjars.npm:angular-lock (=2.0.3), org.webjars.npm:auth0-js (>=8.4.0 <=9.28.0) +11 more potentially affected by CVE-2025-46653 via org.webjars.npm:formidable (>=1.2.2 <=2.1.2)

org.webjars.npm:formidable MAVEN version =1.2.2, =8.4.0, =4.0.0-alpha, =1.1.0, =2.1.7, =1.0.6, =3.3.1, =7.1.6 - org.webjars.npm:supertest =3.4.2 Source cves: CVE-2025-46653 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-10006768...

de.eonas.portal.demo:content (=0.1), de.eonas.portal.demo:templates (=0.1) +107 more potentially affected by CVE-2024-41447 via org.opencms:opencms-core (>=8.0.1 <=9.5.3)

org.opencms:opencms-core MAVEN version =8.0.1, =8.5.1.1, =8.5.1.1, =8.0.1, =8.0.1, =8.0.4, =8.5.0, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.0.1, =8.5.0, =8.5.2 and more Source cves: CVE-2024-41447 Source advisory: SNYK:JAVA-ORGOPENCMS-9802336...

Security Bulletin: Denial of service vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect Operations Center (CVE-2024-40094).

Summary IBM Storage Protect Operations Center may be affected by denial of service caused by failure to consider ExecutableNormalizedFields in Open-source GraphQL Java library used by IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java ak...

com.antonyudin.wildfly.security:ay-securityrealm-ejb (=1.0), org.jboss.as:hal-testsuite-basic (=0.0.6) +13 more potentially affected by CVE-2025-23368 via org.wildfly.core:wildfly-elytron-integration (>=10.0.0.Beta1 <=9.0.2.Final)

org.wildfly.core:wildfly-elytron-integration MAVEN version =10.0.0.Beta1, =5.0.0.Alpha6, =3.0.0.Beta17, =5.0.0.Alpha6, =3.0.0.Beta17, =13.0.0.Beta1, =5.0.0.Alpha6, =3.0.0.Beta22, =25.0.0.Final, =25.0.0.Final, =25.0.0.Final, =27.0.0.Alpha2, =27.0.0.Final, =27.0.1.Final Source cves: CVE-2025-23368...

USN-7283-1: Apache Solr vulnerability

It was discovered that the Apache Solr DataImportHandler module incorrectly handled certain request parameters in a default configuration. A remote attacker could possibly use this issue to execute arbitrary code...

CVE-2025-0851

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

The vulnerabilities of the unzip() and untar() functions in the Deep Java Library (DJL) allow a hacker to write arbitrary files.

The vulnerability of the unzip and untar functions in the Deep Java Library DJL is related to improper external handling of file names or paths. Exploiting this vulnerability allows a malicious actor to write any files they desire remotely...

Path Traversal

Deep Java Library DJL is vulnerable to a Path Traversal. The vulnerability is due to insufficient validation of file paths in the ZipUtils.unzip and TarUtils.untar methods, allows an attacker to manipulate file paths, enabling them to write files to arbitrary locations on the system...

Deep Java Library path traversal issue

Summary Deep Java Library DJL is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...

GHSA-JCRP-X7W3-FFMG Deep Java Library path traversal issue

Summary Deep Java Library DJL is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...

CVE-2025-0851

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...

CVE-2025-0851

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...

CVE-2025-0851 Path traversal issue in Deep Java Library

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...

CVE-2025-0851 Path traversal issue in Deep Java Library

A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...

CVE-2025-0851

CVE-2025-0851 affects Deep Java Library (DJL): the unzip (ZipUtils) and untar (TarUtils) extraction utilities contain a path traversal flaw that can cause artifacts to be written outside the intended destination when extracting archives. Affected versions are DJL 0.1.0 through 0.31.0; the issue i...

Deep Java Library 安全漏洞

Deep Java Library is an open source, high-level, engine-independent deep learning Java framework from Deep Java Library Open Source. A security vulnerability exists in Deep Java Library versions prior to 0.31.1, which stems from a path traversal issue in ZipUtils.unzip and TarUtils.untar that...

PT-2025-4075

Name of the Vulnerable Software and Affected Versions Deep Java Library DJL versions 0.1.0 through 0.31.0 Description A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations. This issue exists d...