47 matches found
ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.9.38 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.9.38 <=1.20.1) +1591 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-vertx-http (>=3.0.0.Alpha1 <=3.20.6)
io.quarkus:quarkus-vertx-http MAVEN version =3.0.0.Alpha1, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.9.38, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.2, =0.0.1, =0.0.5 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420254...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +5085 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=4.0.0 <=4.0.5)
org.springframework.boot:spring-boot MAVEN version =4.0.0, =0.1.0, =0.1.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0-beta-2 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...
com.aegisql:conveyor-configurator (>=1.5.1 <=1.5.2), com.datastax.oss.quarkus:cassandra-quarkus-client (>=1.0.1 <=1.0.4) +2043 more potentially affected by CVE-2026-22013 via org.graalvm.sdk:graal-sdk (>=21.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =21.0.0, =1.5.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.0.1, =1.0.1, =1.0.1, =4.11.0, =1.2.0, =1.2.0, =1.4.0 and more Source cves: CVE-2026-22013 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-...
CVE-2024-39700
JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...
ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=1.21.0 <=1.26.2), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=1.21.0 <=1.26.2) +590 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.21.0.CR1 <=3.27.1)
io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.21.0.CR1, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =0.0.6, =0.0.6, =0.0.6, =0.0.8, =0.1.0-RC15, =0.1.0-RC15, =0.1.0-RC14, =0.1.0-RC25 and mor...
ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=1.12.0 <=1.20.1), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=1.12.0 <=1.20.1) +914 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.12.0 <=3.20.4)
io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.12.0, =1.12.0, =1.12.0, =1.12.0, =1.12.0, =1.12.0, =1.12.0, =0.0.1, =0.0.4, =0.0.1, =0.0.1, =0.0.1, =3.15.3, =3.15.3, =0.2.0.0, =0.4.8.0, =0.7.0.2 and more Source cves: CVE-2025-66560 Source advisory: SNYK:JAVA-IOQUARKUSVERTXUTILS-148970...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a UAF issue after smclistenout BPF CI testing reports a UAF issue: 16.446633 BUG: kernel NULL pointer dereference, address: 0000000000000030 16.447134 PF: supervisor read access in kernel module 16.447516 PF:...
org.keycloak:keycloak-junit5 (>=21.1.0 <=26.0.1), org.keycloak:keycloak-quarkus-integration-tests (>=17.0.0 <=21.0.2) +1 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=17.0.0 <=26.0.1)
org.keycloak:keycloak-quarkus-dist MAVEN version =17.0.0, =21.1.0, =17.0.0, =26.0.0, =26.0.1 Source cves: CVE-2025-11419 Source advisory: OSV:GHSA-Q8HQ-4H99-FJ7X...
wazuh
This repository is an issue template for Wazuh, a free and open-source platform for threat prevention, detection, and response. The repository contains various templates for reporting bugs, making feature requests, and testing integration and component tests. The templates are organized by...
BIT-JUPYTERLAB-2024-39700 Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action
JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...
ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=1.15.0), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=1.15.0) +3074 more potentially affected by CVE-2025-49574 via io.quarkus:quarkus-vertx (>=0.11.0 <=3.15.5)
io.quarkus:quarkus-vertx MAVEN version =0.11.0, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.1.0-quarkus-3.15-RC2, =0.1.0-quarkus-3.15-RC2, =1.0.4, =1.0.4, =0.0.2-alpha, =0.0.3-alpha, =0.0.10-alpha, =1.3.0-alpha-0 - br.com.senior:seniorx-integration-parameters-api...
CVE-2025-47928 Spotipy repo vulnerable to secrets exfiltration via `pull_request_target`
Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using pullrequesttarget on .github/workflows/integrationtests.yml followed by the checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be execute...
CVE-2025-47928 Spotipy repo vulnerable to secrets exfiltration via `pull_request_target`
Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using pullrequesttarget on .github/workflows/integrationtests.yml followed by the checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be execute...
org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-flink-connector (>=1.0.0 <=1.2.0) +6 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-controller (>=0.1.0 <=1.2.0)
org.apache.pinot:pinot-controller MAVEN version =0.1.0, =0.1.0, =1.0.0, =0.9.0, =0.1.0, =0.8.0, =0.8.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...
org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-integration-test-base (>=0.9.0 <=0.9.3) +3 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-broker (>=0.1.0 <=0.9.3)
org.apache.pinot:pinot-broker MAVEN version =0.1.0, =0.1.0, =0.9.0, =0.1.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...
com.atomikos:transactions-spring-boot-integration-tests (>=5.0.9 <=6.0.1), com.atomikos:transactions-spring-boot3-integration-tests (>=6.0.0 <=6.0.1) +158 more potentially affected by CVE-2025-27427 via org.apache.activemq:artemis-server (>=2.0.0 <=2.3.0)
org.apache.activemq:artemis-server MAVEN version =2.0.0, =5.0.9, =6.0.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =2018.9.23, =2018.12.15, =2018.9.23, =2018.9.23, =0.0.1, =0.0.2, =1.14.2, =2.0.0, =6u3 and more Source cves: CVE-2025-27427 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-9598037...
io.hawt:hawtio-wildfly (=2.17.7), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +133 more potentially affected by CVE-2024-12369 via org.wildfly.security:wildfly-elytron-http-oidc (>=1.17.0.Final <=2.2.8.Final)
org.wildfly.security:wildfly-elytron-http-oidc MAVEN version =1.17.0.Final, =0.1.0, =9.4.45.v20220203, =9.4.45.v20220203, =9.4.45.v20220203, =10.0.8, =12.0.1, =12.0.1, =12.0.1, =10.0.10, =13.0.0.CR1, =3.1.0.Final, =3.1.1.Alpha1 - org.jboss.resteasy.spring:galleon-feature-pack-layers-metadata-test...
ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=0.8.41), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=0.8.41) +1863 more potentially affected by CVE-2023-0482 via org.jboss.resteasy:resteasy-core (>=4.0.0.Beta6 <=4.7.7.Final)
org.jboss.resteasy:resteasy-core MAVEN version =4.0.0.Beta6, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =2.0.0, =0.1.5, =0.1.5, =1.0.0-alpha1, =0.0.1, =1.8.0, =0.5.8, =0.5.9 and more Source cves: CVE-2023-0482 Source advisory: OSV:GHSA-2C6G-PFX3-W7H8htt...
org.keycloak:keycloak-guides (>=16.0.0 <=16.1.1), org.keycloak:keycloak-guides-maven-plugin (>=16.0.0 <=16.1.1) +3 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=16.0.0 <=16.1.1)
org.keycloak:keycloak-quarkus-server MAVEN version =16.0.0, =16.0.0, =16.0.0, =16.0.0, =16.0.0, =16.0.0, =16.1.1 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...
org.keycloak:keycloak-guides (>=19.0.0 <=19.0.3), org.keycloak:keycloak-guides-maven-plugin (>=19.0.0 <=19.0.3) +3 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=19.0.0 <=19.0.3)
org.keycloak:keycloak-quarkus-server MAVEN version =19.0.0, =19.0.0, =19.0.0, =19.0.0, =19.0.0, =19.0.0, =19.0.3 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...