5 matches found
Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 2.2.5 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...
ca.ibodrov.concord:testcontainers-concord (>=0.0.2 <=0.0.20), ca.ibodrov.concord:testcontainers-concord-core (>=0.0.21 <=0.0.41) +359 more potentially affected by CVE-2021-41269 via com.cronutils:cron-utils (>=2.0.0 <=9.1.5)
com.cronutils:cron-utils MAVEN version =2.0.0, =0.0.2, =0.0.21, =0.0.1, =1.0.30 - com.baomidou:jobs-spring-boot-starter =1.0.3 - com.cronutils:cron-utils-spring =1.0.1 - com.elastisys:autoscaler.core =5.2.2 - com.elastisys:autoscaler.distro.standard =5.2.2 -...
CVE-2021-41269
cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions A template Injection was identified in cron-utils enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code...
CVE-2021-41269
CVE-2021-41269 affects cron-utils, a Java library for parsing and migrating cron expressions. The issue is a template injection flaw in cron-utils that enables an attacker to inject arbitrary Java EL expressions, leading to unauthenticated remote code execution. The vulnerability affects versions...
CVE-2021-41269 Unauthenticated remote code injection in cron-utils
cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions A template Injection was identified in cron-utils enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code...