138 matches found
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 Security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
org.eclipse.jgit: XXE vulnerability in Eclipse JGit
A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...
org.eclipse.jgit: XXE vulnerability in Eclipse JGit
A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Security Bulletin: Due to the use of Eclipse JGit, IBM webMethods Integration is affected by denial of service, and other security issues.
Summary Eclipse JGit is used by IBM webMethods Integration in repository function CVE-2025-4949 Vulnerability Details CVEID:CVE-2025-4949 DESCRIPTION: In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implemen...
org.eclipse.jgit: XXE vulnerability in Eclipse JGit
A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.7 for Spring Boot release.
Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
EUVD-2022-52094
Malicious code in bioql PyPI...
EUVD-2025-15989
Malicious code in bioql PyPI...
EUVD-2025-26516
Malicious code in bioql PyPI...
EUVD-2025-15988
Malicious code in bioql PyPI...
EUVD-2023-2406
Malicious code in bioql PyPI...
Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Improper Restriction of XML External Entity Reference due to Eclipse JGit (CVE-2025-4949)
Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Improper Restriction of XML External Entity Reference due to Eclipse JGit. Vulnerability Details CVEID:CVE-2025-4949 DESCRIPTION: In Eclipse JGit versions 7.2.0.202503040940-r and older, the...
Security Bulletin: Vulnerabilities in Bouncy Castle, Eclipse JGit and Node.js diff might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Bouncy Castle, Eclipse JGit and Node.js diff. Vulnerabilities include vulnerable to padding oracle attack, allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistic...
CVE-2025-58458
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...
GHSA-G2PQ-9JR7-W6GV Jenkins Git client Plugin file system information disclosure vulnerability
In Jenkins Git client Plugin 6.3.2 and earlier, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an...
Jenkins Git client Plugin file system information disclosure vulnerability
In Jenkins Git client Plugin 6.3.2 and earlier, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an...
CVE-2025-58458
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...
CVE-2025-58458
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...
PT-2025-35780
Name of the Vulnerable Software and Affected Versions: Jenkins Git client Plugin versions 6.3.2 and earlier Description: The Git URL field form validation responses differ based on whether the specified file path exists on the Jenkins controller when using the amazon-s3 protocol with JGit. This...