Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.5 views

CVE-2026-7018

A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...

6.3CVSS5.2AI score0.00338EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/26 3:30 a.m.6 views

EUVD-2026-25693

A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...

6.3CVSS5.3AI score0.00338EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/26 3:30 a.m.35 views

CVE-2026-7018 Datavane Datavines JWT Token TokenManager.java hard-coded key

A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...

6.3CVSS0.00338EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/26 3:30 a.m.5 views

CVE-2026-7018 Datavane Datavines JWT Token TokenManager.java hard-coded key

A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...

6.3CVSS5.3AI score0.00338EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 a.m.13 views

CVE-2026-24816

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 9:15 a.m.8 views

CVE-2026-24816

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2026/01/27 9:15 a.m.6 views

CVE-2026-24816

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS0.00268EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 9:15 a.m.5 views

CVE-2026-24815

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules. This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 8:53 a.m.5 views

CVE-2026-24816

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00268EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/27 8:53 a.m.4 views

CVE-2026-24816 Cookie Security Vulnerabilities in datavane/tis

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 8:53 a.m.35 views

CVE-2026-24816 Cookie Security Vulnerabilities in datavane/tis

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 8:53 a.m.7 views

EUVD-2026-4765

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in datavane tis tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules. This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 8:51 a.m.6 views

EUVD-2026-4764

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules. This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00315EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 8:51 a.m.16 views

CVE-2026-24815

CVE-2026-24815 affects datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl). Multiple sources (NVD, Red Hat, CIRCL, OSV, CVE/CVELIST) describe an Unrestricted Upload of File with Dangerous Type and Deserialization of Untrusted Data in the tis plugin; the issue affects tis befo...

10CVSS5.9AI score0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 8:51 a.m.4 views

CVE-2026-24815 A XStream Security Vulnerability in XML Deserialization in datavane/tis

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules. This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00315EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 8:51 a.m.5 views

CVE-2026-24815

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules. This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0...

10CVSS5.9AI score0.00315EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/27 8:51 a.m.28 views

CVE-2026-24815 A XStream Security Vulnerability in XML Deserialization in datavane/tis

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules. This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0...

10CVSS0.00315EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.9 views

PT-2026-4891

Name of the Vulnerable Software and Affected Versions datavane tis versions prior to 4.3.0 Description An issue exists in datavane tis related to a loop with an unreachable exit condition, resulting in an infinite loop. This condition is present in the ChangeDomainAction.Java file within the...

10CVSS5.9AI score0.00268EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.6 views

PT-2026-4890

Name of the Vulnerable Software and Affected Versions datavane tis versions prior to 4.3.0 Description An issue exists in datavane tis related to the unrestricted upload of files with dangerous types and deserialization of untrusted data. The issue is associated with the XmlFile.Java program file...

10CVSS5.9AI score0.00315EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.7 views

TIS security vulnerabilities

TIS is an agile code development platform open source by Datavane. Versions of TIS prior to v4.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the program file XmlFile.Java, which allowed unlimited uploading of dangerous type files and untrusted data deserialization...

10CVSS5.9AI score0.00315EPSS
Exploits0References1
Rows per page
Query Builder