17 matches found
CVE-2022-31191
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck "Did you mean" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI...
CVE-2022-31195
DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be...
CVE-2022-31192
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item...
EUVD-2022-6519
Malicious code in bioql PyPI...
EUVD-2022-6531
Malicious code in bioql PyPI...
EUVD-2022-6483
Malicious code in bioql PyPI...
EUVD-2022-6510
Malicious code in bioql PyPI...
EUVD-2022-6608
Malicious code in bioql PyPI...
EUVD-2022-6498
Malicious code in bioql PyPI...
EUVD-2025-21447
Malicious code in bioql PyPI...
EUVD-2024-1992
Malicious code in bioql PyPI...
EUVD-2025-21448
Malicious code in bioql PyPI...
EUVD-2022-6529
Malicious code in bioql PyPI...
PT-2025-29569 · Dspace · Dspace
Name of the Vulnerable Software and Affected Versions: DSpace versions prior to 7.6.4; DSpace versions prior to 8.2; DSpace versions prior to 9.1. Description: DSpace is a repository application providing access to digital resources. A path traversal issue exists during the import of an archive in...
CVE-2022-31193
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a...
CVE-2022-31195 Path traversal vulnerability in Simple Archive Format package import in DSpace
DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be...
PT-2022-20597 · Dspace · Dspace
Name of the Vulnerable Software and Affected Versions: DSpace versions prior to 6.4. Description: When an "Internal System Error" occurs in the JSPUI, the entire exception, including the stack trace, is available. Information in this stack trace may be useful to an attacker in launching a more...