Lucene search
K

144 matches found

Wolfi
Wolfi
added 2025/11/12 7:47 p.m.6 views

GHSA-6FHJ-VR9J-G45R vulnerabilities

Vulnerabilities for packages: dependency-track...

7AI score
Exploits0
Chainguard
Chainguard
added 2025/11/12 7:17 p.m.1 views

GHSA-6FHJ-VR9J-G45R vulnerabilities

Vulnerabilities for packages: dependency-track...

7AI score
Exploits0
Chainguard
Chainguard
added 2025/11/12 7:17 p.m.21 views

CVE-2025-64518 vulnerabilities

Vulnerabilities for packages: dependency-track...

7.5CVSS6.7AI score0.00359EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/08 8:19 p.m.12 views

CVE-2025-61776

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

4.7CVSS6.9AI score0.0026EPSS
Exploits0References1
NVD
NVD
added 2025/10/07 7:15 p.m.6 views

CVE-2025-61776

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

4.7CVSS0.0026EPSS
Exploits0References2
CVE
CVE
added 2025/10/07 6:57 p.m.14 views

CVE-2025-61776

Dependency-Track prior to version 4.13.5 is affected by a credential leakage vulnerability where credentials intended for a private NuGet repository can be sent to api.nuget.org via the HTTP Authorization header, and names/versions of internal components can be disclosed to api.nuget.org. This sc...

4.7CVSS6.6AI score0.0026EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 6:57 p.m.4 views

EUVD-2025-32901

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

4.7CVSS6.5AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2025/10/07 6:57 p.m.5 views

CVE-2025-61776 Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

4.7CVSS6.9AI score0.0026EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/07 6:57 p.m.10 views

CVE-2025-61776 Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org

Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to api.nuget.org via the HTTP Authorization header, and may...

4.7CVSS0.0026EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2055

Malware in sbrugna...

5.4CVSS5.5AI score0.00646EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.5 views

Dependency-Track 安全漏洞

Dependency-Track is Dependency-Track's open source suite of intelligent supply chain component analysis platforms for identifying third-party component risks. A security vulnerability exists in Dependency-Track versions prior to 4.13.5, which stems from the possibility of sending private NuGet...

4.7CVSS6.6AI score0.0026EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-41166

Name of the Vulnerable Software and Affected Versions Dependency-Track versions prior to 4.13.5 Description Dependency-Track is a component analysis platform used for managing software supply chain risk. Versions prior to 4.13.5 may inadvertently transmit credentials intended for a private NuGet...

4.7CVSS6.5AI score0.0026EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-41821

Malicious code in bioql PyPI...

4.4CVSS5.1AI score0.00197EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5076

Malicious code in bioql PyPI...

4.4CVSS6.6AI score0.00175EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5312

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.0077EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7072

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00665EPSS
Exploits0References7
Wolfi
Wolfi
added 2025/08/08 7:47 p.m.5 views

CVE-2025-7962 vulnerabilities

Vulnerabilities for packages: apicurio-registry, dependency-track, keycloak-config-cli, thingsboard, keycloak, apache-nifi, jenkins, wildfly...

7.5CVSS6.7AI score0.00756EPSS
Exploits0
Wolfi
Wolfi
added 2025/08/08 7:47 p.m.4 views

GHSA-9342-92GG-6V29 vulnerabilities

Vulnerabilities for packages: apicurio-registry, dependency-track, keycloak-config-cli, thingsboard, keycloak, apache-nifi, jenkins, wildfly...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/08/08 7:17 p.m.40 views

GHSA-9342-92GG-6V29 vulnerabilities

Vulnerabilities for packages: dependency-track, geoserver, thingsboard, elasticsearch-fips, keycloak-config-cli, elasticsearch, apache-nifi, apicurio-registry, keycloak-fips, keycloak, jenkins, wildfly...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/08/08 7:17 p.m.8 views

CVE-2025-7962 vulnerabilities

Vulnerabilities for packages: dependency-track, geoserver, thingsboard, elasticsearch-fips, keycloak-config-cli, elasticsearch, apache-nifi, apicurio-registry, keycloak-fips, keycloak, jenkins, wildfly...

7.5CVSS6.7AI score0.00756EPSS
Exploits0
Rows per page
Query Builder