Lucene search
K

4 matches found

Veracode
Veracode
added 2025/04/15 3:40 a.m.9 views

Remote Code Execution (RCE)

generator-jhipster-entity-audit is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe reflection caused by using Javers as the Entity Audit Framework, which allows malicious classes on the classpath to be exploited through exposed REST endpoints...

7.6CVSS7.3AI score0.00457EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/05 7:29 p.m.21 views

CVE-2025-31119

generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath...

7.6CVSS7.9AI score0.00457EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/03 7:11 p.m.14 views

CVE-2025-31119 CWE-470 in generator-jhipster-entity-audit when having Javers selected as Entity Audit Framework

generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath...

7.6CVSS0.00457EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.10 views

PT-2025-14791 · Jhipster · Generator-Jhipster-Entity-Audit

Name of the Vulnerable Software and Affected Versions: generator-jhipster-entity-audit versions prior to 5.9.1 Description: The issue allows for unsafe reflection when Javers is selected as the Entity Audit Framework. If an attacker can place malicious classes into the classpath and access the RE...

7.6CVSS7.2AI score0.00457EPSS
Exploits0References9
Rows per page
Query Builder