95 matches found
GHSA-J8PH-6FXJ-G533 Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch
Summary DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite the Java Eureka specification defining a third valid value: "Netflix". The exception propagates through the entire registry deserialization chain and is swallowed by the periodic...
EUVD-2026-37806
Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch...
CVE-2026-50196
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...
CVE-2026-50196 Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...
CVE-2026-50196
CVE-2026-50196 – Steeltoe.Discovery.Eureka : In Steeltoe.Discovery.Eureka before versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws an ArgumentException for any DataCenterInfo.name other than MyOwn, Amazon, or Netflix, causing the registry deserialization to fail and the cache refresh to sw...
PT-2026-50555
Name of the Vulnerable Software and Affected Versions Steeltoe.Discovery.Eureka versions prior to 3.4.0 Steeltoe.Discovery.Eureka versions prior to 4.2.0 Description The DataCenterInfo.FromJson function throws an ArgumentException when it encounters any name value other than "MyOwn" or "Amazon"...
com.github.fmcejudo:quarkus-eureka (>=1.0.0 <=1.1.1), com.github.fmcejudo:quarkus-eureka-deployment (>=1.0.0 <=1.1.1) +70 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-undertow (>=3.0.0.Alpha1 <=3.20.6)
io.quarkus:quarkus-undertow MAVEN version =3.0.0.Alpha1, =1.0.0, =1.0.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0, =2.0.0, =24.0.0, =24.8.3, =9.2.3, =0.23.0, =0.11.2, =0.24.5 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420253...
CVE-2023-25570
Apollo is a configuration management system. Prior to version 2.1.0, there are potential security issues if users expose apollo-configservice to the internet, which is not recommended. This is because there is no authentication feature enabled for the built-in eureka service. Malicious hackers ma...
EUVD-2024-2425
Malicious code in bioql PyPI...
EUVD-2023-0609
Malicious code in bioql PyPI...
Malicious code in @sequoia-engineering/eureka-utilities (npm)
The package @sequoia-engineering/eureka-utilities was found to contain malicious code...
Malicious code in @sequoia-engineering/eureka-hooks (npm)
The package @sequoia-engineering/eureka-hooks was found to contain malicious code...
Malicious code in @lbnqduy/potential-eureka (npm)
The package @lbnqduy/potential-eureka was found to contain malicious code...
Malicious code in @lbnqduy/super-octo-eureka (npm)
The package @lbnqduy/super-octo-eureka was found to contain malicious code...
MAL-2025-9324 Malicious code in @sequoia-engineering/eureka-hooks (npm)
The package @sequoia-engineering/eureka-hooks was found to contain malicious code...
MAL-2025-9325 Malicious code in @sequoia-engineering/eureka-utilities (npm)
The package @sequoia-engineering/eureka-utilities was found to contain malicious code...
MAL-2025-8355 Malicious code in @lbnqduy/super-octo-eureka (npm)
The package @lbnqduy/super-octo-eureka was found to contain malicious code...
MAL-2025-8337 Malicious code in @lbnqduy/potential-eureka (npm)
The package @lbnqduy/potential-eureka was found to contain malicious code...
Malicious code in @sequoia-engineering/eureka-components (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6394 Malicious code in @sequoia-engineering/eureka-components (npm)
--- -= Per source details. Do not edit below this line.=-...