org.sonatype.nexus.api.extdirect:nexus-api-extdirect-common (>=3.81.0-08 <=3.87.2-01), org.sonatype.nexus.api.extdirect:nexus-api-extdirect-selfhosted (>=3.81.0-08 <=3.87.2-01) +49 more potentially affected by CVE-2026-0601 via org.sonatype.nexus:nexus-extdirect (>=3.10.0-04 <=3.87.2-01)

org.sonatype.nexus:nexus-extdirect MAVEN version =3.10.0-04, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.4.0-02, =3.60.0-02, =3.4.0-02, =3.21.0-01, =3.12.0-01, =3.4.0-02, =3.12.0-01, =3.4.0-02, =3.57.0-01, =3.23.0-01, =3.87.2-01 and more Source cves: CVE-2026-0601https://vulners.com/cve/C...

org.sonatype.nexus.api.extdirect:nexus-api-extdirect-selfhosted (>=3.83.0-08 <=3.86.3-01), org.sonatype.nexus.api.rest:nexus-api-rest-common (>=3.83.0-08 <=3.86.3-01) +4 more potentially affected by CVE-2025-13488 via org.sonatype.nexus.plugins:nexus-blobstore-s3 (>=3.83.0-08 <=3.86.3-01)

org.sonatype.nexus.plugins:nexus-blobstore-s3 MAVEN version =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.86.3-01 Source cves: CVE-2025-13488 Source advisory: SNYK:JAVA-ORGSONATYPENEXUSPLUGINS-14221327...

EUVD-2022-1811

Malicious code in bioql PyPI...

com.tencent.devops:devops-boot-starter-plugin (=1.0.0), com.tencent.devops:devops-plugin-core (=1.0.0) +128 more potentially affected by CVE-2024-38807 via org.springframework.boot:spring-boot-loader (>=3.3.1 <=3.3.2)

org.springframework.boot:spring-boot-loader MAVEN version =3.3.1, =0.4.15, =4.7.0, =8.2.0, =8.2.0, =3.87.0-03, =3.87.0-03, =3.87.0-03, =3.87.0-03, =3.89.0-09, =3.89.0-09, =3.89.0-09, =3.89.0-09, =3.89.0-09, =3.90.3-03 and more Source cves: CVE-2024-38807https://vulners.com/cve/CVE-2024-38807...

GHSA-QF79-34J4-54M6 Typo3 Improper Access Control

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services...

Typo3 Improper Access Control

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services...

org.sonatype.nexus.assemblies:nexus-base-feature (>=3.10.0-04 <=3.21.1-01), org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.21.1-01) +33 more potentially affected by CVE-2020-10199 via org.sonatype.nexus:nexus-extdirect (>=3.10.0-04 <=3.21.1-01)

org.sonatype.nexus:nexus-extdirect MAVEN version =3.10.0-04, =3.10.0-04, =3.10.0-04, =3.21.0-01, =3.12.0-01, =3.10.0-04, =3.12.0-01, =3.10.0-04, =3.17.0-01, =0.0.1, =0.0.2, =0.0.3, =0.0.4, =0.0.13, =1.0.3 and more Source cves: CVE-2020-10199 Source advisory:...

CVE-2011-4904

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services...

CVE-2011-4904

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services...

Design/Logic Flaw

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services...

CVE-2011-4904

TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services...

CVE-2011-4904

CVE-2011-4904 affects TYPO3 ExtDirect in TYPO3 4.4.x and 4.5.x prior to the fixed releases. The root cause is missing access control on ExtDirect calls, allowing remote attackers to retrieve ExtDirect endpoint services. Public descriptions consistently state that TYPO3 before 4.4.9 and 4.5.x befo...

TYPO3 ExtDirect Missing Access Control Vulnerability (TYPO3-CORE-SA-2011-001)

TYPO3 is prone to a missing access control vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3";...