8 matches found
EUVD-2025-9738
Malicious code in bioql PyPI...
CVE-2025-31119
generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath...
GHSA-7RMP-3G9F-CVQ8 generator-jhipster-entity-audit vulnerable to Unsafe Reflection when having Javers selected as Entity Audit Framework
Summary CWE-470 Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' when having Javers selected as Entity Audit Framework Details In the following two occurences, user input directly leads to class loading without checking against e.g. a whitelist of allowed classes...
generator-jhipster-entity-audit vulnerable to Unsafe Reflection when having Javers selected as Entity Audit Framework
Summary CWE-470 Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' when having Javers selected as Entity Audit Framework Details In the following two occurences, user input directly leads to class loading without checking against e.g. a whitelist of allowed classes...
CVE-2025-31119 CWE-470 in generator-jhipster-entity-audit when having Javers selected as Entity Audit Framework
generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath...
CVE-2025-31119 CWE-470 in generator-jhipster-entity-audit when having Javers selected as Entity Audit Framework
generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath...
CVE-2025-31119 CWE-470 in generator-jhipster-entity-audit when having Javers selected as Entity Audit Framework
generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath...
com.credibledoc:log-labelizer (>=1.0.40 <=1.0.51), com.github.gustavodsf:javers-persistence-mongo (>=5.15.0 <=5.16.0) +61 more potentially affected by CVE-2021-20328 via org.mongodb:mongodb-driver-legacy (>=4.1.0 <=4.1.1)
org.mongodb:mongodb-driver-legacy MAVEN version =4.1.0, =1.0.40, =5.15.0, =5.15.0, =5.15.0, =1.5, =1.5, =1.5, =1.5, =1.2.2, =1.2.2, =1.2.3 - dev.morphia.morphia:core =1.6.1 - dev.morphia.morphia:entityscanner-plug =1.6.1 - dev.morphia.morphia:guice-plug =1.6.1 - dev.morphia.morphia:logging-slf4j...