app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1448 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk15on (>=1.49 <=1.70)

org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.49, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...

This Week in Spring - March 14th, 2023

Hi, Spring fans! Happy Pi π day! And, welcome to another installment of This Week in Spring! It's pouring cats and dogs here in San Francisco! The news is talking about atmospheric rivers; I don't know what that means but I don't know that I want to find out. Anyway, all that to say: I'm glad as...

XML External Entity (XXE)

jooq is vulnerable to XML external entity attacks. It is possible because XMLasDOMBinding does not prevent the resolution of external entity references, allowing the attackers to submit malicious XML to the XML parser and gain access to information about an internal network, local file system, or...

Cross-site Scripting (XSS)

jOOQ is vulnerable to cross-site scripting XSS attacks. It is possible because it does not escape HTML content in formatHTML...