CVE-2025-55747

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 6.1-milestone-2 through 16.10.6, configuration files are accessible through the webjars API. This is fixed in version 16.10.7...

CVE-2025-55748

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10.6, configuration files are accessible through jsx and sx endpoints. It's possible to access and read configuration files by using URLs such as...

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the resource parameter in the jsx and sx endpoints. An attacker can access and read sensitive configuration files by crafting URLs with "../" sequence that traverse directories. Remediation Upgrade...

PT-2025-35831

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 6.1-milestone-2 through 16.10.6 Description: The XWiki Platform is a generic wiki platform. Affected versions allow access to configuration files through the webjars API. This issue is resolved in version 16.10.7...

Linux Distros Unpatched Vulnerability : CVE-2024-1736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to...

BIT-GITLAB-2024-1736 Uncontrolled Resource Consumption in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. A vulnerability in GitLab's CI/CD pipeline editor could allow for denial of service attacks through maliciously crafted configuration...