5 matches found
PYSEC-2026-26
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas.This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version1.12.0.Users are recommended to upgrade to version 1.12.1 or...
CVE-2025-33042 Apache Avro Java SDK: Code injection on Java generated code
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrade to version 1.12.1 o...
PT-2022-19432 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.9.16 Cilium versions prior to 1.10.11 Cilium versions prior to 1.11.5 Description: Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. It...
PT-2021-14698 · Jenkins · Jenkins P4 Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.11.4 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. The issue is...
PT-2021-14697 · Jenkins · Jenkins P4 Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.11.4 and earlier Description: The issue allows attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. This is due to a lack of...