Lucene search
+L

5 matches found

PyPA
PyPA
added 2026/02/13 12:16 p.m.11 views

PYSEC-2026-26

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas.This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version1.12.0.Users are recommended to upgrade to version 1.12.1 or...

7.3CVSS7.2AI score0.00602EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/02/13 11:47 a.m.7 views

CVE-2025-33042 Apache Avro Java SDK: Code injection on Java generated code

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrade to version 1.12.1 o...

7.3CVSS7.2AI score0.00602EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/05/20 12:0 a.m.4 views

PT-2022-19432 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.9.16 Cilium versions prior to 1.10.11 Cilium versions prior to 1.11.5 Description: Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. It...

8.8CVSS6.8AI score0.00277EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2021/05/11 12:0 a.m.6 views

PT-2021-14698 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.11.4 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. The issue is...

7.1CVSS6.8AI score0.00522EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/05/11 12:0 a.m.7 views

PT-2021-14697 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.11.4 and earlier Description: The issue allows attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. This is due to a lack of...

4.3CVSS4.4AI score0.01301EPSS
Exploits0References5
Rows per page
Query Builder