CVE-2024-48988 Apache StreamPark: SQL injection vulnerability

SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vulnerability is present only in the distribution package SpringBoot platform and does not involve Maven...

CVE-2024-36117 Path traversal while serving Reposilite javadoc expanded files

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...

Reposilite Security Vulnerabilities

Reposilite is a lightweight and easy-to-use repository manager for Maven-based artifacts in the JVM ecosystem by the individual developer dzikoysk. A security vulnerability exists in Reposilite versions prior to 3.5.12 that stems from being affected by arbitrary file reads via path traversal...

PT-2024-9211 · Sonatype · Sonatype Nexus Repository

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1 Description: A Remote Code Execution issue has been discovered, related to incorrect code generation management. This allows a remote attacker to execute arbitrary code by...

PT-2024-9210 · Sonatype · Sonatype Nexus Repository 2

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1 Description: A stored Cross-site Scripting vulnerability has been discovered, which affects the structure of web pages. This issue may allow a remote attacker to perform cross-si...