126 matches found
de.gsi.acc:chartfx-acc (>=11.2.2 <=11.2.7), de.gsi.report:chartfx-report (>=11.2.2 <=11.2.7) +16 more potentially affected by CVE-2024-57083 via org.webjars.npm:redoc (>=2.0.0-rc.23 <=2.1.4)
org.webjars.npm:redoc MAVEN version =2.0.0-rc.23, =11.2.2, =11.2.2, =11.2.2, =11.2.2, =5.0.0, =5.0.0, =3.9.0, =3.9.0, =2.5.0, =2.5.0, =3.0.0, =11.0.0, =0.7.13, =0.7.13, =0.8.3, =0.8.4 and more Source cves: CVE-2024-57083 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-8664935...
org.webjars.bower:angularAMD (=0.2.1), org.webjars.bower:annodom (=1.0.0) +11 more potentially affected by CVE-2024-38999 via org.webjars.bower:requirejs (>=2.1.22 <=2.3.6)
org.webjars.bower:requirejs MAVEN version =2.1.22, =0.0.2, =3.10.0, =2.1.4, =0.1.13, =0.0.2, =0.0.3 - org.webjars.bower:require-lazy =0.3.8 Source cves: CVE-2024-38999 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-7430220...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), cn.dreampie:jfinal-dreampie (>=0.1 <=1.0.0) +252 more potentially affected by CVE-2024-38999 via org.webjars:requirejs (>=2.1.1 <=2.3.6)
org.webjars:requirejs MAVEN version =2.1.1, =0.1, =0.4.3, =1.0.0-Alpha8, =0.0.1, =0.5.6, =0.5.6, =0.5.6, =1.1.0, =0.3.0, =0.3.0, =0.5.3, =2.55.0, =1.0.5, =1.1.0, =2.79.0 and more Source cves: CVE-2024-38999 Source advisory: SNYK:JAVA-ORGWEBJARS-7430219...
This Week in Spring - March 26th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! Sam Brannen shares some good news: a null-safe Index operator for the Spring Expression Language SpEL is coming to Spring Framework 6.2! This is interesting, and a nice application of AI do I even need to spell out "artificia...
This Week in Spring - March 19th, 2024
Hi, Spring fans! And happy Java 22 release day to those who celebrate! I just put out a huge blog detailing many of the exciting new features in Java 22. Check it out! As usual, we've got a packed roundup to get through this week so let's dive right into it! the Spring Authorization Server 1.3.0-...
com.github.linyuzai:concept-plugin-spring-boot-starter (>=2.0.0 <=3.0.0), org.webjars.npm:github-com-showdownjs-ng-showdown (=1.1.0) +3 more potentially affected by CVE-2024-1899 via org.webjars.npm:showdown (>=1.9.1 <=2.1.0)
org.webjars.npm:showdown MAVEN version =1.9.1, =2.0.0, =1.0.2, =1.0.3 - org.webjars.npm:showdown-prism =0.2.0 Source cves: CVE-2024-1899 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-8685132...
com.github.grantlittle:bdd-reporting-server (>=0.1.5 <=0.1.7), com.github.grantlittle:bdd-reporting-service (=0.1.9) +654 more potentially affected by CVE-2024-21490 via org.webjars.bower:angular (>=1.3.0 <=1.8.3)
org.webjars.bower:angular MAVEN version =1.3.0, =0.1.5, =1.1.0, =0.4.4, =0.4.4, =0.3.5, =0.4.1, =0.4.4, =0.3.5, =0.4.4, =0.5.1 and more Source cves: CVE-2024-21490 Source advisory: OSV:GHSA-4W4V-5HC9-XRR2...
io.github.ezadmin126:ezadmin-common (>=3.0.0 <=3.1.1), io.github.ezadmin126:ezadmin-core (>=2.9.12 <=2.11.5) +14 more potentially affected by CVE-2025-3573 via org.webjars:jquery-validation (>=1.12.0 <=1.19.5)
org.webjars:jquery-validation MAVEN version =1.12.0, =3.0.0, =2.9.12, =3.0.3, =3.0.0, =1.0.2, =2.9.7, =1.8, =1.7, =1.8, =1.7, =1.5, =1.4, =2.0, =2.0, =3.14, =3.25.0 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JAVA-ORGWEBJARS-9788110...
com.slyak:slyak-web-bootstrap (>=1.0.3.RELEASE <=1.0.4.RELEASE), de.smartsquare.squit:de.smartsquare.squit.gradle.plugin (>=2.0.0 <=2.2.0) +23 more potentially affected by CVE-2018-14040 via org.webjars:bootstrap (>=4.0.0 <=4.1.1)
org.webjars:bootstrap MAVEN version =4.0.0, =1.0.3.RELEASE, =2.0.0, =2.1.0, =2.0.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.3 - org.orienteer:orienteer-architect =1.4 - org.orienteer:orienteer-birt =1.4 - org.orienteer:orienteer-bpm =1.4 - org.orienteer:orienteer-camel =1.4 -...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +493 more potentially affected by CVE-2018-14040 via org.webjars:bootstrap (>=2.3.0 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.3.0, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-14040 Source advisory: OSV:GHSA-3WQF-4X89-9G79...
CVE-2021-33611
Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 Vaadin 14.0.0 through 14.4.4 allows remote attackers to execute malicious JavaScript in browser by opening crafted URL...
Regular expression denial of service in codemirror
This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...
GHSA-4GW3-8F77-F72C Regular expression denial of service in codemirror
This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...
cn.home1:oss-configserver (>=1.0.6.OSS <=1.0.7.OSS), com.findwise.hydra:hydra-admin-service (>=0.4.1 <=0.5.0) +56 more potentially affected by CVE-2021-23369 via org.webjars:handlebars (>=1.0.0-rc.3 <=4.0.5)
org.webjars:handlebars MAVEN version =1.0.0-rc.3, =1.0.6.OSS, =0.4.1, =3.0.0.RELEASE, =0.0.1.RELEASE, =2.2.2.RELEASE, =6.3.0, =6.0.0.RELEASE, =1.8.6, =0.0.9, =0.0.9, =0.0.9, =0.0.12, =0.0.9, =0.0.9, =0.0.16 - com.github.jknack:mwa-wro4j =0.4.2 and more Source cves: CVE-2021-23369 Source advisory:...
UBUNTU-CVE-2020-7760
This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...
com.credibledoc:log-labelizer (>=1.0.40 <=1.0.44), com.novocode:ornate_2.11 (>=0.3 <=0.5) +102 more potentially affected by CVE-2020-11022 via org.webjars.npm:jquery (>=1.12.1 <=3.4.1)
org.webjars.npm:jquery MAVEN version =1.12.1, =1.0.40, =0.3, =1.3.0, =1.3.0, =1.3.0, =3.2.0, =2.4.0, =3.0.0, =3.1.0, =4.1.3 - de.digitalcollections:streaming-server-euphoria =3.0.0 and more Source cves: CVE-2020-11022 Source advisory: OSV:GHSA-GXR4-XJJ5-5PX2...
com.novocode:ornate_2.11 (>=0.3 <=0.5), com.novocode:ornate_2.12 (=0.6) +69 more potentially affected by CVE-2019-11358 via org.webjars.npm:jquery (>=2.1.1 <=3.3.1)
org.webjars.npm:jquery MAVEN version =2.1.1, =0.3, =2.4.0, =3.0.0, =3.1.0, =2.4.0, =2.4.0, =0.2.0, =1.0.4, =1.0.5 - org.webjars.npm:bootstrap-material-design =4.0.1 - org.webjars.npm:bootstrap-multiselect =0.9.15 and more Source cves: CVE-2019-11358 Source advisory: OSV:GHSA-6C3J-C64M-QHGQ...
com.alilitech:boot-plus-generator (>=1.1.0 <=1.3.7), com.alilitech:boot-plus-log (>=1.2.0 <=2.0.5) +48 more potentially affected by CVE-2019-8331 via org.webjars:bootstrap (>=4.0.0 <=4.2.1)
org.webjars:bootstrap MAVEN version =4.0.0, =1.1.0, =1.2.0, =1.1.0, =1.16.0, =3.2.2, =1.0.3.RELEASE, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =2.0.0, =2.3.0 and more Source cves: CVE-2019-8331 Source advisory: OSV:GHSA-9V3M-8FP8-MJ99...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20677 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20677 Source advisory: OSV:GHSA-PH58-4VRJ-W6HR...
au.com.intelix:rs-core-js_2.11 (=0.1.3.1), au.com.mountain-pass:hyperstate (>=1 <=9) +505 more potentially affected by CVE-2018-20676 via org.webjars:bootstrap (>=2.2.1 <=3.3.7)
org.webjars:bootstrap MAVEN version =2.2.1, =1, =1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =2.23.0, =2.23.5, =2.23.5, =2.23.5, =20.2.0 - ca.denisab85:telegram-restapi =0.0.1 and more Source cves: CVE-2018-20676 Source advisory: OSV:GHSA-3MGP-FX93-9XV5...