4 matches found
DependencyCheck Log Information Disclosure Vulnerability
DependencyCheck is a software portfolio analysis SCA tool that attempts to detect publicly disclosed vulnerabilities contained in project dependencies. A security vulnerability exists in DependencyCheck. An attacker exploited the vulnerability to recover NVD API keys from log files. The following...
com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +84 more potentially affected by CVE-2023-6291 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=23.0.2)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.1.23, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.1.4, =1.1.5 and more Source cves: CVE-2023-6291 Source advisory: OSV:GHSA-MPWQ-J3XF-7M5W...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1594 more potentially affected by CVE-2021-21603 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.27)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2021-21603 Source advisory: OSV:GHSA-98GQ-6HXG-52R6...
africa.absa:inception-oauth2-resource-server (>=1.0.0 <=1.2.0), au.org.consumerdatastandards:client-cli (>=1.13.0 <=2.4.1) +1255 more potentially affected by CVE-2022-22978 via org.springframework.security:spring-security-web (>=5.5.0 <=5.5.6)
org.springframework.security:spring-security-web MAVEN version =5.5.0, =1.0.0, =1.13.0, =1.13.0, =1.0.0, =0.0.8-alpha, =0.0.1-alpha, =1.0.4.R, =1.0.4.R, =1.0.4.R, =1.0.4.R, =1.7.26, =1.3.30, =1.1.1-alpha, =1.1.1-alpha, =0.0.3-alpha, =0.0.4-alpha-5 and more Source cves: CVE-2022-22978 Source...