Apache Struts 2 is Missing XML Validation

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue...

GHSA-QCFC-HMRC-59X7 Apache Struts 2 is Missing XML Validation

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue...

CVE-2025-66648

The CVE-2025-66648 issue affects vega-functions (Vega expression language implementation). Prior to version 6.1.1, an internal function (not part of the public API) could be abused when sites accept untrusted input, enabling unintended JavaScript execution (XSS). The vulnerability is fixed in veg...

PT-2023-32988 · Unknown +1 · Cheqd-Node +1

Name of the Vulnerable Software and Affected Versions: ibc-go versions prior to v6.1.1 cheqd-node versions prior to v1.4.2 Description: This issue has a low severity in general, with low impact and likelihood of exploitation. However, depending on the full node architecture, it could potentially...

Kibana 6.1.1 security update

Kibana arbitrary code execution issue ESA-2017-24 Kibana version 6.1.0 had an arbitrary code execution vulnerability in the Math.js package which is used by math aggregations in Time Series Visual Builder. Kibana users could construct a math aggregation capable of executing arbitrary code on the...