50 matches found
EUVD-2025-18266
Malicious code in bioql PyPI...
EUVD-2025-8851
Malicious code in bioql PyPI...
Directory Traversal
org.noear:solon-faas-luffy is vulnerable to Directory Traversal. The vulnerability is due to improper input validation in the solon-faas-luffy component, which allows a remote attacker to conduct XSS attacks...
CVE-2025-46096
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
Solon Vulnerable to Directory Traversal
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
GHSA-M63Q-4HR8-5R5H Solon Vulnerable to Directory Traversal
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
org.noear:solon.luffy (>=3.1.2 <=3.1.3-RC) potentially affected by CVE-2025-46096 via org.noear:solon-faas-luffy (>=3.1.2 <=3.1.3-RC)
org.noear:solon-faas-luffy MAVEN version =3.1.2, =3.1.2, =3.1.3-RC Source cves: CVE-2025-46096 Source advisory: OSV:GHSA-M63Q-4HR8-5R5H...
org.noear:solon.luffy (>=3.1.2 <=3.1.3-RC) potentially affected by CVE-2025-46096 via org.noear:solon-faas-luffy (>=3.1.2 <=3.1.3-RC)
org.noear:solon-faas-luffy MAVEN version =3.1.2, =3.1.2, =3.1.3-RC Source cves: CVE-2025-46096 Source advisory: SNYK:JAVA-ORGNOEAR-10558115...
CVE-2025-46096
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
CVE-2025-46096
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
PT-2025-25410 · Unknown +1 · Solon-Faas-Luffy +1
Name of the Vulnerable Software and Affected Versions: solon version 3.1.2 Description: A Directory Traversal issue allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component. Recommendations: For solon version 3.1.2, consider restricting access to the solon-faas-luffy...
OpenSolon Security Vulnerability
OpenSolon is a full-scenario Java enterprise application development framework open-sourced by OpenSolon. A security vulnerability exists in OpenSolon version 3.1.2, which stems from the presence of directory traversal in the solon-faas-luffy component, which could lead to a cross-site scripting...
CVE-2025-46096
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
CVE-2025-46096
Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component...
CVE-2025-46096
CVE-2025-46096 affects Solon v3.1.2, with a directory traversal vulnerability in the solon-faas-luffy component that enables a remote attacker to trigger XSS. The issue is supported by multiple sources (Red Hat, GHSA, NVD, Snyk) and has remediation guidance to upgrade the affected component to ve...
CVE-2023-35839
A bypass in the component sofa-hessian of Solon before v2.3.3 allows attackers to execute arbitrary code via providing crafted payload...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal through the rendermav function. An attacker can access or modify files on the server by manipulating the input to traverse outside the intended directory structure. Remediation Upgrade org.noear:solon-view-beetl ...
org.noear:folkmq-broker-embedded (>=1.7.8 <=1.7.11), org.noear:grit-server-solon-plugin (>=2.0.0 <=2.0.1) +21 more potentially affected by CVE-2025-2961 via org.noear:solon-view (>=2.9.2-M1 <=3.1.0)
org.noear:solon-view MAVEN version =2.9.2-M1, =1.7.8, =2.0.0, =2.0.0, =1.9.2, =1.8.0, =1.8.0, =3.10.0, =3.10.0, =3.10.0, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =3.10.4-M3 and more Source cves: CVE-2025-2961 Source advisory: OSV:GHSA-2M4Q-2C6R-HMC3...
GHSA-2M4Q-2C6R-HMC3 Solon Vulnerable to Path Traversal
A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function rendermav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument template with the input ../org/example/HelloApp.class leads ...
org.noear:solon.view.beetl (>=3.0.0 <=3.1.1-RC) potentially affected by CVE-2025-2961 via org.noear:solon-view-beetl (>=3.0.0-M1 <=3.1.1-RC)
org.noear:solon-view-beetl MAVEN version =3.0.0-M1, =3.0.0, =3.1.1-RC Source cves: CVE-2025-2961 Source advisory: SNYK:JAVA-ORGNOEAR-9689929...