93 matches found
CVE-2026-50196
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...
CVE-2026-50196 Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...
CVE-2026-50196
CVE-2026-50196 – Steeltoe.Discovery.Eureka : In Steeltoe.Discovery.Eureka before versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws an ArgumentException for any DataCenterInfo.name other than MyOwn, Amazon, or Netflix, causing the registry deserialization to fail and the cache refresh to sw...
PT-2026-50555
Name of the Vulnerable Software and Affected Versions Steeltoe.Discovery.Eureka versions prior to 3.4.0 Steeltoe.Discovery.Eureka versions prior to 4.2.0 Description The DataCenterInfo.FromJson function throws an ArgumentException when it encounters any name value other than "MyOwn" or "Amazon"...
com.github.fmcejudo:quarkus-eureka (>=1.0.0 <=1.1.1), com.github.fmcejudo:quarkus-eureka-deployment (>=1.0.0 <=1.1.1) +70 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-undertow (>=3.0.0.Alpha1 <=3.20.6)
io.quarkus:quarkus-undertow MAVEN version =3.0.0.Alpha1, =1.0.0, =1.0.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0-alpha1, =24.4.0, =24.4.0, =2.0.0, =2.0.0, =24.0.0, =24.8.3, =9.2.3, =0.23.0, =0.11.2, =0.24.0 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420253...
CVE-2023-25570
Apollo is a configuration management system. Prior to version 2.1.0, there are potential security issues if users expose apollo-configservice to the internet, which is not recommended. This is because there is no authentication feature enabled for the built-in eureka service. Malicious hackers ma...
EUVD-2024-2425
Malicious code in bioql PyPI...
EUVD-2023-0609
Malicious code in bioql PyPI...
Malicious code in @sequoia-engineering/eureka-utilities (npm)
The package @sequoia-engineering/eureka-utilities was found to contain malicious code...
MAL-2025-8355 Malicious code in @lbnqduy/super-octo-eureka (npm)
The package @lbnqduy/super-octo-eureka was found to contain malicious code...
Malicious code in @sequoia-engineering/eureka-hooks (npm)
The package @sequoia-engineering/eureka-hooks was found to contain malicious code...
Malicious code in @lbnqduy/super-octo-eureka (npm)
The package @lbnqduy/super-octo-eureka was found to contain malicious code...
Malicious code in @lbnqduy/potential-eureka (npm)
The package @lbnqduy/potential-eureka was found to contain malicious code...
MAL-2025-9325 Malicious code in @sequoia-engineering/eureka-utilities (npm)
The package @sequoia-engineering/eureka-utilities was found to contain malicious code...
MAL-2025-8337 Malicious code in @lbnqduy/potential-eureka (npm)
The package @lbnqduy/potential-eureka was found to contain malicious code...
MAL-2025-9324 Malicious code in @sequoia-engineering/eureka-hooks (npm)
The package @sequoia-engineering/eureka-hooks was found to contain malicious code...
Malicious code in @sequoia-engineering/eureka-components (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6394 Malicious code in @sequoia-engineering/eureka-components (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-40636
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...
Malicious code in solidity-ibc-eureka (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d923c9d1d5e1d4fa797e2afa71b32c1e06ba2710f46b4110977f40a9aac9bbd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...