45 matches found
ROOT-APP-MAVEN-CVE-2026-54513 CVE-2026-54513 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2026-54513 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2020-36518 CVE-2020-36518 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2020-36518 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-48043 CVE-2026-48043 in io.root.io.netty:netty-codec-http2 - Patched by Root
Root has patched CVE-2026-48043 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42583 CVE-2026-42583 in io.root.io.netty:netty-codec - Patched by Root
Root has patched CVE-2026-42583 in the io.root.io.netty:netty-codec package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-22741 CVE-2026-22741 in io.root.org.springframework:spring-webmvc - Patched by Root
Root has patched CVE-2026-22741 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-40991 CVE-2026-40991 in io.root.org.springframework.restdocs:spring-restdocs-restassured - Patched by Root
Root has patched CVE-2026-40991 in the io.root.org.springframework.restdocs:spring-restdocs-restassured package for Root:Maven. Multiple fixed versions available...
FreeBSD : Gitlab -- Vulnerabilities (ee1e7aef-7117-11f1-873f-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ee1e7aef-7117-11f1-873f-2cf05da270f3 advisory. Gitlab reports: Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Cross-site...
CVE-2026-5952
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite...
ROOT-APP-MAVEN-CVE-2025-68390 CVE-2025-68390 in io.root.org.elasticsearch.plugin:x-pack-core - Patched by Root
Root has patched CVE-2025-68390 in the io.root.org.elasticsearch.plugin:x-pack-core package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2020-14061 CVE-2020-14061 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2020-14061 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2022-45143 CVE-2022-45143 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root
Root has patched CVE-2022-45143 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...
ai.chronon:online_2.13 (>=0.0.25 <=revert-391-thread-0.0.24), ai.chronon:service_2.13 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +4114 more potentially affected by CVE-2026-35554 via org.apache.kafka:kafka-clients (>=2.8.0 <=3.9.1)
org.apache.kafka:kafka-clients MAVEN version =2.8.0, =0.0.25, =0.0.86, =1.0.6, =1.0.6, =0.1, =0.2.7, =0.2.7, =3.0.1, =2.8.4-alpha1, =1.0.0, =1.0.0-beta, =0.0.1-alpha1, =1.2.4, =1.2.6 and more Source cves: CVE-2026-35554 Source advisory: SNYK:JAVA-ORGAPACHEKAFKA-16032179...
ae.teletronics.nlp:categorisation (>=1.3 <=1.6), ae.teletronics.nlp:entityextraction (>=1.3 <=1.4) +4956 more potentially affected by CVE-2025-66566 via net.jpountz.lz4:lz4 (>=1.1.0 <=1.3.0)
net.jpountz.lz4:lz4 MAVEN version =1.1.0, =1.3, =1.3, =0.42.1, =1.3.0, =0.13.0, =1.1.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.10.0, =0.13.0, =v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744 and more Source cves: CVE-2025-66566 Source advisory: OSV:GHSA-CMP6-M4WJ-Q63Q...
EUVD-2025-199706
Malicious code in org.mvnpm:posthog-node Maven...
MAL-2025-191470 Malicious code in org.mvnpm:posthog-node (Maven)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security ea90a5928d7667bed4fa9f6effbbe6c8d3ad6521ca51ca2b01551bc02373a7d2 This package was compromised by the Sha1-Hulud: The Second Coming NPM worm. The malicious payload steals tokens and credentials and...
EUVD-2021-26296
Malware in sbrugna...
EUVD-2020-7512
Malware in sbrugna...
EUVD-2019-9239
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-39940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...
CVE-2020-15525
GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of the Maven package upload endpoint...