AZL-75189 CVE-2026-23992 affecting package gh 2.62.0-10

go-tuf is a Go implementation of The Update Framework TUF. Starting in version 2.0.0 and prior to version 2.3.1, a compromised or misconfigured TUF repository can have the configured value of signature thresholds set to 0, which effectively disables signature verification. This can lead to...

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.21), ai.hyacinth.framework:core-service-gateway-server (>=0.5.0 <=0.5.21) +896 more potentially affected by CVE-2022-22965 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.2.1.RELEASE)

org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =0.5.0, =0.5.0, =0.5.0, =j8.2.3.0, =0.0.1, =2.1.2.RELEASE, =2.0.2, =0.5.0, =3.1.64, =3.1.37, =3.1.13, =3.1.64, =3.1.64, =3.1.64, =3.1.64, =3.1.165 and more Source cves: CVE-2022-22965 Source advisory: OSV:GHSA-36P3-WJMG-H94X...

am.ik.github:reactive-github-client (>=0.0.1 <=0.0.4), ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (>=3.1.0 <=3.2.0) +218 more potentially affected by CVE-2018-15756 via org.springframework:spring-core (=5.0.0.RELEASE)

org.springframework:spring-core MAVEN version =5.0.0.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework:spring-core and may be impacted: - am.ik.github:reactive-github-client =0.0.1, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0,...

Liberapay: Leaking Of Sensitive Information on Github

Summary: Sensitive Data were leaked in https://github.com/liberapay/liberapay.com Steps To Reproduce: 1. Install gitleaks from https://github.com/zricethezav/gitleaks 2. Run the following command in a Linux terminal gitleaks -v --pretty -r=https://github.com/liberapay/liberapay.com The following...

ai.ylyue:yue-library-base (>=Finchley.SR2.SR1 <=Finchley.SR4.1), ai.ylyue:yue-library-base-crypto (>=Finchley.SR4 <=Finchley.SR4.1) +3026 more potentially affected by CVE-2018-1272 via org.springframework:spring-core (>=5.0.0.RELEASE <=5.0.4.RELEASE)

org.springframework:spring-core MAVEN version =5.0.0.RELEASE, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =0.0.1, =0.0.2, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.2.RELEASE, =2.0.2.RELEASE, =2.0.3.RELEASE, =2.0.7.RELEASE and...

ai.dev-tools:ai-devtools (>=0.1.12 <=0.1.20), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +3660 more potentially affected by CVE-2018-1257 via org.springframework:spring-core (>=5.0.0.RELEASE <=5.0.5.RELEASE)

org.springframework:spring-core MAVEN version =5.0.0.RELEASE, =0.1.12, =1.0.0, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =0.0.1, =0.0.2, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.2.RELEASE, =2.0.3.RELEASE and more Source cves...