Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11907

Malware in sbrugna...

7.5CVSS7.8AI score0.03059EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-51017

Malicious code in bioql PyPI...

4.9CVSS5.3AI score0.01647EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:29 a.m.7 views

CVE-2024-38379

Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood admins can access these settings, so the scope of risk is limited to configurations where neighborhood admins are not fully trusted. This issue affects Apache Allura: from 1.4.0 through 1.17.0. Users ar...

4.8CVSS5.8AI score0.00692EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.7 views

CVE-2019-10085

In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page...

6.1CVSS5.8AI score0.0514EPSS
Exploits0References1
OSV
OSV
added 2024/06/10 9:55 p.m.6 views

CVE-2024-36471 Apache Allura: sensitive information exposure via DNS rebinding

Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are...

7.5CVSS5.9AI score0.0075EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/10 12:0 a.m.7 views

PT-2024-27017 · Apache · Apache Allura

Name of the Vulnerable Software and Affected Versions: Apache Allura versions 1.0.1 through 1.16.0 Description: The import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to...

7.5CVSS6.3AI score0.0075EPSS
Exploits0References8
CNVD
CNVD
added 2018/03/21 12:0 a.m.2 views

Apache Allura HTTP Response Splitting Vulnerability

Apache Allura is the United States Apache Apache Software Foundation's set of Web-based and integrated software tools and collaborative software development platform. A security vulnerability exists in Apache Allura versions prior to 1.8.1. An attacker can exploit this vulnerability by constructi...

6.1CVSS6.2AI score0.02286EPSS
Exploits0References1
Rows per page
Query Builder