9 matches found
CVE-2025-32951
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends...
CVE-2025-32952
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files...
CVE-2025-32952
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files...
CVE-2025-32951
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends...
CVE-2025-32951 io.jmix.rest:jmix-rest allows XSS in the /files Endpoint of the Generic REST API
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends...
CVE-2025-32952 io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files...
CVE-2025-32950 io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the FileRef parameter to access files on the system where the Jmix application is deployed, provided the application server...
Jmix 安全漏洞
Jmix is a set of libraries and tools from Jmix, Inc. for accelerating Spring Boot data-centric application development. A security vulnerability exists in Jmix versions 1.0.0 through 1.6.1 and 2.0.0 through 2.3.4, which stems from an improper file size limitation and could result in a denial of...
PT-2025-17573
Name of the Vulnerable Software and Affected Versions Jmix versions 1.0.0 through 1.6.1 Jmix versions 2.0.0 through 2.3.4 Description The issue affects Jmix, a set of libraries and tools for Spring Boot data-centric application development. It allows manipulation of the input parameter, which...