89 matches found
com.github.fmcejudo:quarkus-eureka (>=1.0.0 <=1.1.1), com.github.fmcejudo:quarkus-eureka-deployment (>=1.0.0 <=1.1.1) +70 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-undertow (>=3.0.0.Alpha1 <=3.20.6)
io.quarkus:quarkus-undertow MAVEN version =3.0.0.Alpha1, =1.0.0, =1.0.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0, =2.0.0, =24.0.0, =24.8.3, =9.2.3, =0.11.2, =0.23.0 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420253...
CVE-2023-25570
Apollo is a configuration management system. Prior to version 2.1.0, there are potential security issues if users expose apollo-configservice to the internet, which is not recommended. This is because there is no authentication feature enabled for the built-in eureka service. Malicious hackers ma...
EUVD-2023-0609
Malicious code in bioql PyPI...
EUVD-2024-2425
Malicious code in bioql PyPI...
Malicious code in @sequoia-engineering/eureka-hooks (npm)
The package @sequoia-engineering/eureka-hooks was found to contain malicious code...
Malicious code in @sequoia-engineering/eureka-utilities (npm)
The package @sequoia-engineering/eureka-utilities was found to contain malicious code...
Malicious code in @lbnqduy/potential-eureka (npm)
The package @lbnqduy/potential-eureka was found to contain malicious code...
MAL-2025-9325 Malicious code in @sequoia-engineering/eureka-utilities (npm)
The package @sequoia-engineering/eureka-utilities was found to contain malicious code...
MAL-2025-8337 Malicious code in @lbnqduy/potential-eureka (npm)
The package @lbnqduy/potential-eureka was found to contain malicious code...
Malicious code in @lbnqduy/super-octo-eureka (npm)
The package @lbnqduy/super-octo-eureka was found to contain malicious code...
MAL-2025-9324 Malicious code in @sequoia-engineering/eureka-hooks (npm)
The package @sequoia-engineering/eureka-hooks was found to contain malicious code...
MAL-2025-8355 Malicious code in @lbnqduy/super-octo-eureka (npm)
The package @lbnqduy/super-octo-eureka was found to contain malicious code...
MAL-2025-6394 Malicious code in @sequoia-engineering/eureka-components (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @sequoia-engineering/eureka-components (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-40636
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...
Malicious code in solidity-ibc-eureka (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d923c9d1d5e1d4fa797e2afa71b32c1e06ba2710f46b4110977f40a9aac9bbd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
at.meks.quarkiverse.axonframework-extension:quarkus-axon-metrics-deployment (>=0.1.0-RC2 <=0.1.0-quarkus-3.15-RC4), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +453 more potentially affected by CVE-2024-12397 via io.quarkus.http:quarkus-http-core (>=3.0.0.Alpha1 <=5.3.3)
io.quarkus.http:quarkus-http-core MAVEN version =3.0.0.Alpha1, =0.1.0-RC2, =0.1.5, =1.0.4, =1.8.0, =1.6.9, =1.5.0, =1.0.0, =1.1.0, =1.1.0, =1.0.0, =0.0.10, =1.0.0, =24.6.0-alpha2 and more Source cves: CVE-2024-12397 Source advisory: OSV:GHSA-CXRX-Q234-M22M...
Spring Eureka Detected
Spring Eureka is a service discovery and registration server. It enables microservices to dynamically discover and communicate with each other without hardcoded hostnames and ports. The scanner detected the usage of Spring Eureka on the target application. No source data...
Insertion Of Sensitive Information Into Log File
Steeltoe.Discovery is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improperly masked Eureka server service URLs, which may leak credentials into logs when fetching the service registry. Attackers can use this to gain unauthorized access to sensitive...
CVE-2024-40636
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...