7 matches found
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.0.GA)
An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.0.GA. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...
io.minio/minio: minio-java Client XML Tag is Vulnerable to Value Substitution
In minio-java versions prior to 8.6.0, XML tag values containing references to system properties or environment variables were automatically substituted with their actual values during processing. This unintended behavior could lead to the exposure of sensitive information, including credentials,...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.7 for Spring Boot release.
Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
EUVD-2025-31590
Malicious code in bioql PyPI...
MinIO Java SDK 代码注入漏洞
MinIO Java SDK is an open source developer tool for MinIO Client for Java by MinIO. A code injection vulnerability exists in versions of MinIO Java SDK prior to 8.6.0, which stems from the automatic substitution of XML tagged values for system properties or environment variables, which could lead...
CVE-2025-59952 minio-java Client XML Tag is Vulnerable to Value Substitution
MinIO Java SDK is a Simple Storage Service aka S3 client to perform bucket and object operations to any Amazon S3 compatible object storage service. In minio-java versions prior to 8.6.0, XML tag values containing references to system properties or environment variables were automatically...
CVE-2025-59952 minio-java Client XML Tag is Vulnerable to Value Substitution
MinIO Java SDK is a Simple Storage Service aka S3 client to perform bucket and object operations to any Amazon S3 compatible object storage service. In minio-java versions prior to 8.6.0, XML tag values containing references to system properties or environment variables were automatically...