38 matches found
GHSA-M494-W24Q-6F7W vulnerabilities
Vulnerabilities for packages: apicurio-registry, apache-hop, tez, apache-hop-fips, hadoop-fips...
CVE-2025-59250 vulnerabilities
Vulnerabilities for packages: apicurio-registry, apache-hop, tez, apache-hop-fips, hadoop-fips...
CVE-2025-59419 vulnerabilities
Vulnerabilities for packages: pinot-fips, seata, thingsboard, management-api-for-apache-cassandra-4.1, apache-hop, management-api-for-apache-cassandra-5.0, tez, management-api-for-apache-cassandra-4.0, trino, celeborn, apache-hop-fips, hadoop-fips...
GHSA-JQ43-27X9-3V86 vulnerabilities
Vulnerabilities for packages: pinot-fips, seata, thingsboard, management-api-for-apache-cassandra-4.1, apache-hop, management-api-for-apache-cassandra-5.0, tez, management-api-for-apache-cassandra-4.0, trino, celeborn, apache-hop-fips, hadoop-fips...
EUVD-2024-0911
Malicious code in bioql PyPI...
CVE-2025-41249 vulnerabilities
Vulnerabilities for packages: thingsboard, nacos-docker, keycloak-config-cli, apache-hop, apache-nifi, camunda-zeebe, zipkin, jenkins, apache-activemq, nacos, apache-nifi-registry, apache-hop-fips, apache-activemq-fips...
GHSA-JMP9-X22R-554X vulnerabilities
Vulnerabilities for packages: thingsboard, nacos-docker, keycloak-config-cli, apache-hop, apache-nifi, camunda-zeebe, zipkin, jenkins, apache-activemq, nacos, apache-nifi-registry, apache-hop-fips, apache-activemq-fips...
CVE-2024-24683
Improper Input Validation vulnerability in Apache Hop Engine.This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...
Improper Input Validation
Apache Hop Engine is vulnerable to Improper Input Validation. The vulnerability is due to improper escape functionality within the "id" parameter in links written to the PrepareExecutionPipelineServlet page...
GHSA-F6G6-PJGC-5CJ5 Improper Input Validation vulnerability in Apache Hop Engine
Improper Input Validation vulnerability in Apache Hop Engine. This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to th...
Improper Input Validation vulnerability in Apache Hop Engine
Improper Input Validation vulnerability in Apache Hop Engine. This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to th...
CVE-2024-24683
Improper Input Validation vulnerability in Apache Hop Engine.This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...
CVE-2024-24683
Improper Input Validation vulnerability in Apache Hop Engine.This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...
CVE-2024-24683
The CVE-2024-24683 entry affects Apache Hop Engine, specifically the Hop Server component. The vulnerability stems from improper input handling: when the Hop Server writes links to the PrepareExecutionPipelineServlet page, the id parameter is not properly escaped, creating a potential for exploit...
CVE-2024-24683 Apache Hop Engine: ID isn't escaped when generating HTML
Improper Input Validation vulnerability in Apache Hop Engine.This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...
CVE-2024-24683 Apache Hop Engine: ID isn't escaped when generating HTML
Improper Input Validation vulnerability in Apache Hop Engine.This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...
Apache Hop Engine Security Vulnerability
Apache Hop Engine is an open source data integration, data processing and workflow management platform from the Apache Foundation. A security vulnerability exists in Apache Hop Engine versions prior to 2.8.0, which stems from an improperly escaped parameter provided to the user when the Hop Serve...
PT-2024-20490 · Apache · Apache Hop Engine
Name of the Vulnerable Software and Affected Versions: Apache Hop Engine versions prior to 2.8.0 Description: The issue is related to improper input validation in the Apache Hop Engine, specifically affecting the Hop Server component. When the Hop Server writes links to the...