3 matches found
Cleartext Transmission of Sensitive Information
Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information in the Kerberos credentialing. An attacker can intercept sensitive information by capturing unencrypted credentials during transmission. Remediation A fix was pushed into the master branch...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the Arena memory allocation. An attacker can cause unintended modification of data by providing specially crafted input that manipulates memory allocation boundaries. Remediation A fix was pushed into the...
Use of a Broken or Risky Cryptographic Algorithm
Overview org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages. Affected versions of this package are...