43 matches found
Unity Linux 20.1070e Security Update: maven (UTSA-2026-017745)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017745 advisory. Apache Maven will follow repositories that are defined in a dependencys Project Object Model pom which may be surprising to some users, resulting in potential risk i...
BIT-MAVEN-2021-26291 block repositories using http by default
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
Adobe Experience Manager (AEM) CRX Namespace Editor Panel Detected
This plugin detects the presence of the Adobe Experience Manager AEM CRX Namespace Editor panel on a web application. The CRX Namespace Editor panel is part of the AEM's content repository management interface, allowing administrators to manage namespaces and node types within the repository...
[SECURITY] Fedora 43 Update: gh-2.83.0-1.fc43
A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...
EUVD-2013-0596
Malware in sbrugna...
[SECURITY] Fedora 41 Update: gh-2.79.0-1.fc41
A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases / javapackages-bootstrap / maven (CVE-2021-26291)
The version of CBL-Mariner Releases / javapackages-bootstrap / maven installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-26291 advisory. - Apache Maven will follow repositories that are defined in a...
Linux Distros Unpatched Vulnerability : CVE-2021-26291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Maven will follow repositories that are defined in a dependency's Project Object Model pom which may be surprising to some users, resulting in potential...
FeMiner wms 安全漏洞
FeMiner wms is a repository management system for individual developers of Front End Miner FeMiner in China. A security vulnerability exists in FeMiner wms version 1.0, which stems from the inclusion of a path traversal vulnerability...
SUSE CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency's Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
GHSA-FVV5-H29G-F6W5 User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repository
Impact A bug in permissions validation allows a user with the ci:ReadAction permission to skip read checks when copying an object. If they additionally have read and write permission to path in the repository, they can copy an otherwise unreadable object and read it. In order to be affected and...
The vulnerability of GitLab’s repository management system, related to the lack of protective measures for the website structure, allows attackers to execute arbitrary code.
The vulnerability of Gitlab’s repository management system is related to the lack of measures taken to protect the structure of the web interface. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Moderate: Red Hat Security Advisory: RHUI 4.4.0 release - Security Fixes, Bug Fixes, and Enhancements Update
An updated version of Red Hat Update Infrastructure RHUI is now available. RHUI 4.4 fixes several security and operational bugs, and introduces multiple new features. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories an...
Ubuntu 22.10 : Apache Maven vulnerability (USN-5805-1)
The remote Ubuntu 22.10 host has packages installed that are affected by a vulnerability as referenced in the USN-5805-1 advisory. It was discovered that Apache Maven followed repositories that are defined in a dependencys Project Object Model pom even if the repositories weren't encryptedh http...
DEBIAN-CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
Design/Logic Flaw
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
UBUNTU-CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...