Lucene search
+L

11 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0372

Malware in sbrugna...

9CVSS8.6AI score0.05175EPSS
Exploits1References9
vulnersosv
vulnersosv
added 2025/06/03 9:30 p.m.11 views

com.github.jinahya:jsonrpc-bind-tests (=0.7.1), org.amebastack.container:ameba-container-grizzly (>=0.1.6c <=0.1.6e) +185 more potentially affected by CVE-2020-5245 +3 more via org.hibernate.validator:hibernate-validator (>=7.0.0.Alpha1 <=7.0.0.Alpha6)

org.hibernate.validator:hibernate-validator MAVEN version =7.0.0.Alpha1, =0.1.6c, =0.1.2, =0.1.2, =0.1.2, =0.1.6c, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0-RC1 and more Source cves: CVE-2020-5245, CVE-2025-35036, CVE-2025-4427, CVE-2025-4428 Source advisory: OSV:GHSA-7V6M-28JR-RG84...

9CVSS7.3AI score0.99899EPSS
Exploits11
vulnersosv
vulnersosv
added 2025/06/03 9:30 p.m.8 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.dstack:server-base-local (>=0.0.12 <=0.1.15) +12168 more potentially affected by CVE-2020-5245 +3 more via org.hibernate.validator:hibernate-validator (>=6.0.0.Alpha1 <=6.1.7.Final)

org.hibernate.validator:hibernate-validator MAVEN version =6.0.0.Alpha1, =4.4.0.0, =0.0.12, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR4, =j11.2.4.0 and more Source cves: CVE-2020-5245, CVE-2025-35036, CVE-2025-4427...

9CVSS7.1AI score0.99899EPSS
Exploits11
redhatcve
redhatcve
added 2025/02/05 3:37 p.m.14 views

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

9CVSS7.2AI score0.0309EPSS
Exploits1
prion
prion
added 2020/04/10 7:15 p.m.25 views

Remote code execution

dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote code execution vulnerability. A server-side template injection was identified in the self-validating feature enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution RCE vulnerability. If you a...

9CVSS9.2AI score0.05175EPSS
Exploits2References7Affected Software1
github
github
added 2020/04/10 6:42 p.m.141 views

Remote Code Execution (RCE) vulnerability in dropwizard-validation

Summary A server-side template injection was identified in the self-validating @SelfValidating feature of dropwizard-validation enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution RCE vulnerability. If you're using a self-validating bean via @SelfValidatin...

9CVSS1.1AI score0.05175EPSS
Exploits1References9Affected Software1
nvd
nvd
added 2020/02/24 6:15 p.m.50 views

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

9CVSS8.6AI score0.0309EPSS
Exploits1References8
osv
osv
added 2020/02/24 6:15 p.m.32 views

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

8.8CVSS8.4AI score
Exploits0References8
cve
cve
added 2020/02/24 5:35 p.m.172 views

CVE-2020-5245

Technical specifics for CVE-2020-5245 (affected software, root cause, impact, and fix) are provided in the Initial document; there are no additional concrete details about this CVE in the Connected documents.

9CVSS8.5AI score0.0309EPSS
Exploits1References8Affected Software1
vulnersosv
vulnersosv
added 2020/02/24 5:27 p.m.16 views

com.bazaarvoice.curator:dropwizard (>=2.1.0 <=2.1.3), com.bazaarvoice.ostrich.examples.calculator:calculator-client (>=2.1.0 <=2.1.1) +147 more potentially affected by CVE-2020-11002 +1 more via io.dropwizard:dropwizard-validation (>=1.3.0-rc1 <=1.3.18)

io.dropwizard:dropwizard-validation MAVEN version =1.3.0-rc1, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =1.3.17-1, =1.6.0-311, =1.6.0-311, =1.0.0-212, =3.1.2-489, =3.1.0-578, =3.3.0-2 - com.github.mtakaki:dropwizard-hikaricp =1.3.1 and more Source cves: CVE-2020-11002, CVE-2020-5245 Source advisory:...

9CVSS7.2AI score0.05175EPSS
Exploits2
vulnersosv
vulnersosv
added 2020/02/24 5:27 p.m.4 views

com.expediagroup.dropwizard:dropwizard-resilience4j-bundle (>=3.0.0 <=3.1.0), com.expediagroup.dropwizard:dropwizard-template-config (=2.0.0) +152 more potentially affected by CVE-2020-11002 +1 more via io.dropwizard:dropwizard-validation (>=2.0.0 <=2.0.19)

io.dropwizard:dropwizard-validation MAVEN version =2.0.0, =3.0.0, =3.0.0, =4.0.0, =2.0.0, =2.3, =2.3, =clienthcnovehicle and more Source cves: CVE-2020-11002, CVE-2020-5245 Source advisory: OSV:GHSA-3MCP-9WR4-CJQF...

9CVSS7.2AI score0.05175EPSS
Exploits2
Rows per page
Query Builder