26517 matches found
africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-codes-api (>=1.1.0 <=1.2.0) +10651 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=5.3.0 <=5.3.39)
org.springframework:spring-webmvc MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.2, =j11.2.6.0, =j11.2.6.0, =j11.2.6.0, =j11.2.6.2 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...
ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12), ai.foremast.metrics:foremast-spring-boot-1x-k8s-metrics-starter (>=0.1.6 <=0.1.7) +7663 more potentially affected by CVE-2026-22733 via org.springframework.boot:spring-boot-starter-actuator (>=1.0.0.RELEASE <=2.7.18)
org.springframework.boot:spring-boot-starter-actuator MAVEN version =1.0.0.RELEASE, =0.1.8, =0.1.6, =0.1.2, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =j8.2.2.0, =j8.2.2.0, =j8.2.2.0, =j8.2.2.0, =j11.2.6.2 and more Source cves: CVE-2026-22733 Source advisory:...
acegisecurity:acegi-security (=0.7.0), acegisecurity:acegi-security-cas (=0.7.0) +4 more potentially affected by CVE-2026-22735 via springframework:spring-webmvc (>=1.1.3 <=1.2.1)
springframework:spring-webmvc MAVEN version =1.1.3, =1.0-rc2, =1.0-rc3 Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-SPRINGFRAMEWORK-15701757...
@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +66 more potentially affected by CVE-2026-31865 via elysia (>=1.0.13 <=1.4.26)
elysia NPM version =1.0.13, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0, =0.0.1, =1.0.3, =1.0.8 and more Source cves: CVE-2026-31865 Source advisory: SNYK:JS-ELYSIA-15680180...
org.apache.iotdb:customize-mqtt-example (=2.0.1-beta), org.apache.iotdb:integration-test (=2.0.1-beta) +5 more potentially affected by CVE-2026-24015 via org.apache.iotdb:iotdb-server (=2.0.1-beta)
org.apache.iotdb:iotdb-server MAVEN version =2.0.1-beta is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.iotdb:iotdb-server and may be impacted: - org.apache.iotdb:customize-mqtt-example =2.0.1-beta - org.apache.iotdb:integration-test...
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +60601 more potentially affected by CVE-2026-29086 via hono (>=0.5.10 <=4.12.3)
hono NPM version =0.5.10, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =2.0.0, =1.0.0, =0.3.2, =0.1.0, =0.3.8 and more Source cves: CVE-2026-29086 Source advisory: SNYK:JS-HONO-15418360...
ba.sake:pac4j-testkit (>=0.1.0 <=0.2.0), com.github.hiwepy:pac4j-spring-boot-starter (=3.3.x.20241020.RELEASE) +2 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=6.0.5 <=6.2.2)
org.pac4j:pac4j-jwt MAVEN version =6.0.5, =0.1.0, =7.1.0, =7.1.0, =7.3.4 Source cves: CVE-2026-29000 Source advisory: OSV:GHSA-PM7G-W2CF-Q238...
org.webjars.npm:nestjs__platform-express (>=8.4.7 <=9.0.0-next.2) potentially affected by CVE-2026-3520 via org.webjars.npm:multer (=1.4.4-lts.1)
org.webjars.npm:multer MAVEN version =1.4.4-lts.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:multer and may be impacted: - org.webjars.npm:nestjsplatform-express =8.4.7, =9.0.0-next.2 Source cves: CVE-2026-3520 Source advisory:...
vantuz (>=3.3.2 <=3.3.7) potentially affected by unknown CVE via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: unknown CVE Source advisory: OSV:GHSA-R294-2894-92J3...
@felixid/baileys-mod (=8.0.8), @hanzzy/baileys-mod (>=8.0.5 <=8.0.11) +13 more potentially affected by unknown CVE via @skyzopedia/libsignal-node (=0.0.1-security)
@skyzopedia/libsignal-node NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on @skyzopedia/libsignal-node and may be impacted: - @felixid/baileys-mod =8.0.8 - @hanzzy/baileys-mod =8.0.5, =8.0.2, =3.0.0, =1.0.0, =8.0.8, =0.5.0,...
@adobe-apimesh/mesh-builder (=1.4.0-beta.5), @akylas/nativescript-cli (>=8.7.2 <=8.8.2) +316 more potentially affected by CVE-2026-27903 via minimatch (>=7.0.0 <=7.4.6)
minimatch NPM version =7.0.0, =8.7.2, =5.5.0-682, =0.0.6, =3.6.0, =2.6.0, =2.5.0, =3.6.0, =4.6.0, =1.11.0, =4.0.0, =2.0.7, =2.0.4, =1.2.1, =1.3.1 - @digit-ui/digit-ui-module-common =1.3.0 and more Source cves: CVE-2026-27903 Source advisory: OSV:GHSA-7R86-CG39-JMMJ...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @24hr/content-next (>=1.0.0 <=3.0.17) +906 more potentially affected by CVE-2026-27959 via koa (>=2.0.0-alpha.3 <=2.16.3)
koa NPM version =2.0.0-alpha.3, =1.0.0, =3.10.1, =3.7.0, =4.25.19-patch.1, =0.0.1, =0.3.1, =0.0.1, =0.0.50, =0.0.7, =1.0.1, =0.2.4, =0.2.4, =0.2.6 and more Source cves: CVE-2026-27959 Source advisory: SNYK:JS-KOA-15353398...
@adobe-apimesh/mesh-builder (=1.4.0-beta.5), @akylas/nativescript-cli (>=8.7.2 <=8.8.2) +316 more potentially affected by CVE-2026-27903 via minimatch (>=7.0.0 <=7.4.6)
minimatch NPM version =7.0.0, =8.7.2, =5.5.0-682, =0.0.6, =3.6.0, =2.6.0, =2.5.0, =3.6.0, =4.6.0, =1.11.0, =4.0.0, =2.0.7, =2.0.4, =1.2.1, =1.3.1 - @digit-ui/digit-ui-module-common =1.3.0 and more Source cves: CVE-2026-27903 Source advisory: SNYK:JS-MINIMATCH-15353389...
@hotosm/id (>=2.18.1 <=2.34.0), @janefeel/id (>=2.35.0-dev <=2.35.23) +6 more potentially affected by CVE-2026-27210 via pannellum (=2.5.6)
pannellum NPM version =2.5.6 is affected by a known vulnerability. The following packages have a transitive dependency on pannellum and may be impacted: - @hotosm/id =2.18.1, =2.35.0-dev, =2.35.25, =2.18.5, =2.1.0, =2.33.0, =2.33.3 Source cves: CVE-2026-27210 Source advisory: OSV:GHSA-8423-W5WX-H...
02strich-markdown (>=1.0.0 <=1.0.2), @0xintuition/slang-cli (>=0.0.1 <=0.0.8) +1940 more potentially affected by CVE-2026-26996 via minimatch (>=4.1.1 <=4.2.3)
minimatch NPM version =4.1.1, =1.0.0, =0.0.1, =0.5.2, =5.0.2, =2.2.0, =1.1.4, =1.3.1, =1.0.0, =0.0.2-alpha-20220914223128-d706aab, =0.0.2-alpha-20220915073207-1bb0680, =0.0.2-alpha-20220914223128-d706aab, =1.1.8, =1.0.0, =1.5.0 and more Source cves: CVE-2026-26996 Source advisory:...
org.webjars.npm:angular-devkit__architect (=0.1902.8), org.webjars.npm:angular-devkit__core (>=15.2.0-next.3 <=19.2.8) +2 more potentially affected by CVE-2025-69873 via org.webjars.npm:ajv (>=8.12.0 <=8.17.1)
org.webjars.npm:ajv MAVEN version =8.12.0, =15.2.0-next.3, =15.2.0-next.3, =15.2.0-next.3, =19.2.8 Source cves: CVE-2025-69873 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15274296...
qwik-lottie (>=0.0.5 <=0.0.6), storybook-framework-qwik (>=0.0.1 <=0.0.4) potentially affected by CVE-2026-25151 via @builder.io/qwik-city (>=0.0.112 <=0.0.128)
@builder.io/qwik-city NPM version =0.0.112, =0.0.5, =0.0.1, =0.0.4 Source cves: CVE-2026-25151 Source advisory: OSV:GHSA-R666-8GJF-4V5F...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2024-4027 Source advisory: SNYK:JAVA-IOUNDERTOW-15166617...
@arkxos/arkos-app-gateway-manage (=0.1.0), @arkxos/arkos-app-system (>=0.1.0 <=0.1.1) +80 more potentially affected by CVE-2026-23967 via sm-crypto (>=0.0.9 <=0.3.13)
sm-crypto NPM version =0.0.9, =0.1.0, =1.0.30, =0.1.26, =1.0.0, =1.0.0, =1.0.9, =1.0.1, =1.1.1, =3.0.0, =4.0.0, =4.3.0 and more Source cves: CVE-2026-23967 Source advisory: SNYK:JS-SMCRYPTO-15060560...
10xanswers (>=1.1.0 <=1.1.16), 31g-form-parser (=1.0.107) +3405 more potentially affected by CVE-2025-68470 via react-router (>=7.0.0 <=7.9.6-pre.1)
react-router NPM version =7.0.0, =1.1.0, =1.0.0, =0.0.6, =0.0.1, =0.1.0, =3.1.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.1, =5.0.8 and more Source cves: CVE-2025-68470 Source advisory: SNYK:JS-REACTROUTER-14908286...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1890 more potentially affected by CVE-2025-67636 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.528.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2025-67636 Source advisory: OSV:GHSA-P3F5-98CV-562J...
@nocobase/devtools (>=1.9.0 <=1.9.21), @nocobase/server (>=1.9.0 <=1.9.21) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=1.9.0 <=1.9.21)
@nocobase/auth NPM version =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.21 Source cves: CVE-2025-13877 Source advisory: SNYK:JS-NOCOBASEAUTH-14287473...
ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +15043 more potentially affected by CVE-2025-12183 via org.lz4:lz4-java (>=1.4 <=1.8.0)
org.lz4:lz4-java MAVEN version =1.4, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =1.2.10 and more Source cves: CVE-2025-12183 Source advisory: SNYK:JAVA-ORGLZ4-14151788...
@jbrowse/core (>=1.4.0 <=1.7.3), @persistr/js (>=3.6.3 <=3.14.0) +5 more potentially affected by unknown CVE via tenacious-fetch (=2.3.1)
tenacious-fetch NPM version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tenacious-fetch and may be impacted: - @jbrowse/core =1.4.0, =3.6.3, =1.0.5, =1.0.0, =1.2.0 Source cves: unknown CVE Source advisory: SNYK:JS-TENACIOUSFETCH-14103737...
@nmime/nestjs-asyncapi (>=2.0.0 <=2.0.7) potentially affected by unknown CVE via @asyncapi/nodejs-ws-template (=0.10.0)
@asyncapi/nodejs-ws-template NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/nodejs-ws-template and may be impacted: - @nmime/nestjs-asyncapi =2.0.0, =2.0.7 Source cves: unknown CVE Source advisory:...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nudela-aaff-ga (=1.0.0)
nudela-aaff-ga NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nudela-aaff-ga and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163704...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nokire-nakala13 (=1.0.0)
nokire-nakala13 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nokire-nakala13 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-162964...
1batch (=1.0.0), 47pages-keystone (>=0.0.1 <=0.0.5) +810 more potentially affected by CVE-2025-12613 via cloudinary (>=1.0.13 <=2.6.1)
cloudinary NPM version =1.0.13, =0.0.1, =1.0.2, =1.1.0, =0.0.1, =0.0.0, =1.0.0, =1.0.0, =1.0.28, =0.0.3, =3.7.0, =3.19.3 and more Source cves: CVE-2025-12613 Source advisory: OSV:GHSA-G4MF-96X5-5M2C...
@abcpros/minimal-slp-wallet (>=3.0.1 <=3.0.4), @abcpros/minimal-xpi-slp-wallet (>=3.0.4 <=3.0.10) +163 more potentially affected by CVE-2025-57317 via apidoc-core (>=0.10.0 <=0.8.3)
apidoc-core NPM version =0.10.0, =3.0.1, =3.0.4, =0.2.2, =1.4.3, =1.0.2, =3.0.10, =1.1.7, =1.0.1, =1.0.5, =0.6.9, =1.0.4, =1.0.10 - @comodinx/api-doc =1.0.0 and more Source cves: CVE-2025-57317 Source advisory: SNYK:JS-APIDOCCORE-13110017...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25575 more potentially affected by CVE-2025-46148 via torch (>=1.0.0 <=2.6.0)
torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.0.16 - a1facts =0.2.6 and more Source cves: CVE-2025-46148 Source advisory: OSV:PYSEC-2025-198...
ai.ancf.lmos-router:lmos-router-hybrid-spring-boot-starter (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0) +23963 more potentially affected by CVE-2025-41249 via org.springframework:spring-core (>=6.0.0 <=6.2.10)
org.springframework:spring-core MAVEN version =6.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.1.0, =0.12.1 and more Source cves: CVE-2025-41249 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-12817817...
@frdl/webfan-server (>=0.1.27 <=0.1.31) potentially affected by unknown CVE via tg-redbird (=1.3.0)
tg-redbird NPM version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tg-redbird and may be impacted: - @frdl/webfan-server =0.1.27, =0.1.31 Source cves: unknown CVE Source advisory: SNYK:JS-TGREDBIRD-12744622...
com.github.pureconfig:pureconfig-fs2_2.11 (>=0.12.1 <=0.14.0), com.github.regis-leray:fs2-ftp_2.11 (>=0.3.0 <=0.5.0) +14 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.11 (>=2.0.1 <=2.1.0)
co.fs2:fs2-io2.11 MAVEN version =2.0.1, =0.12.1, =0.3.0, =3.3.0, =3.0.0, =3.0.0, =3.3.0, =2.0.0, =3.0.0-RC1, =1.2.0, =1.2.5, =1.3.8 and more Source cves: CVE-2025-58369 Source advisory: OSV:GHSA-RRW2-PX9J-QFFJ...
ca.qc.ircm:plate-layout (=0.8), com.github.ilgun:expandingtextarea (=2.0) +100 more potentially affected by CVE-2025-9467 via com.vaadin:vaadin-server (>=8.0.0 <=8.28.1)
com.vaadin:vaadin-server MAVEN version =8.0.0, =1.0.0, =1.0.0, =1.1.20, =1.1.8, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.5 and more Source cves: CVE-2025-9467 Source advisory: SNYK:JAVA-COMVAADIN-12496925...
ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-hybrid (>=0.2.0 <=0.28.0) +18174 more potentially affected by CVE-2025-58057 via io.netty:netty-codec-http2 (>=4.1.0.Beta4 <=4.1.124.Final)
io.netty:netty-codec-http2 MAVEN version =4.1.0.Beta4, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 -...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), com.coravy.hudson.plugins.github:github (>=1.41.0 <=1.45.0) +35 more potentially affected by CVE-2025-58458 via org.jenkins-ci.plugins:git-client (>=6.1.0 <=6.3.0)
org.jenkins-ci.plugins:git-client MAVEN version =6.1.0, =37.v0d3157c4aef8, =1.41.0, =61.vf6d8f6f5ed02, =1.1.0.825.v30618768da42, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =3.2083.vd36f32376929, =530.v38d502df428f, =634.v371dc6d978a3, =718.v40b5f0e67cd3,...
6_0901 (=1.0.0), @alu0101227610/gh-repo-rename (>=1.2.0 <=1.2.1) +27 more potentially affected by unknown CVE via comander (=0.0.1-security)
comander NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on comander and may be impacted: - 60901 =1.0.0 - @alu0101227610/gh-repo-rename =1.2.0, =1.1.1, =1.2.0, =0.0.2, =1.0.0, =1.2.2, =1.0.1, =1.0.5 - hager1 =1.0.0 and more...
h1-cli-device-browser (>=1.0.1-alpha.0 <=1.0.1-alpha.1), h1-cli-device-node (>=1.0.1-alpha.0 <=1.0.1-alpha.1) potentially affected by unknown CVE via h1-cli-ext-iam-project-select (=1.0.1-alpha.1)
h1-cli-ext-iam-project-select NPM version =1.0.1-alpha.1 is affected by a known vulnerability. The following packages have a transitive dependency on h1-cli-ext-iam-project-select and may be impacted: - h1-cli-device-browser =1.0.1-alpha.0, =1.0.1-alpha.0, =1.0.1-alpha.1 Source cves: unknown CVE...
@xizhouh/former (>=0.0.1 <=1.1.1), @xizhouh/formless (>=0.0.1 <=0.0.6) +1 more potentially affected by unknown CVE via set-object-path (=2.0.1)
set-object-path NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on set-object-path and may be impacted: - @xizhouh/former =0.0.1, =0.0.1, =0.3.0, =0.3.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-33017...
attr (>=0.0.0 <=0.0.1), door (>=0.0.5 <=0.0.6) +3 more potentially affected by unknown CVE via new-prop (=2.0.0)
new-prop NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on new-prop and may be impacted: - attr =0.0.0, =0.0.5, =0.0.7, =0.0.0, =0.0.0, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27365...
com.baomidou:kisso (>=2.0 <=3.6.10), com.baomidou:spring-wind (>=1.0 <=1.1.4) +104 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk14 (>=1.43 <=1.78.1)
org.bouncycastle:bcprov-jdk14 MAVEN version =1.43, =2.0, =1.0, =9.1.20, =0.1.1, =1.5.4, =2.2, =2.0.1, =2.1.3 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789693...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +6164 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcpkix-jdk18on (>=1.74 <=1.78.1)
org.bouncycastle:bcpkix-jdk18on MAVEN version =1.74, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =3.10.0.5, =2025.01.23.182856-596558a, =2025.01.23.182856-596558a, =2024.09.04.130719-0ef52f0, =2025.05.02.222809-f712db2 and more Source cves: CVE-2025-8916 Source...
br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.2), com.alanpoi:alanpoi-all (>=1.3.5 <=3.0.0) +126 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk14 (>=1.38 <=1.77)
org.bouncycastle:bcprov-jdk14 MAVEN version =1.38, =1.2.1, =1.3.5, =1.3.5, =2.0, =1.0, =1.6.1.P24, =1.7, =0.0.1, =1.0, =1.1 - com.github.lkkushan101.RestAssuredPDFReport:com.github.lkkushan101.RestAssuredPDFReport =1.00 - com.github.lkkushan101.appiumlocator:com.github.lkkushan101.appiumlocator...
co.elastic.apm:apm-agent-attach-cli (>=1.26.0 <=1.55.6), com.adobe.documentservices:pdfservices-sdk (>=2.2.2 <=3.5.1) +169 more potentially affected by CVE-2025-8885 via org.bouncycastle:bc-fips (>=1.0.1 <=1.0.2.5)
org.bouncycastle:bc-fips MAVEN version =1.0.1, =1.26.0, =2.2.2, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.16.8.0, =4.17.4.0 and more Source cves: CVE-2025-8885 Source advisory:...
app.cash.lilbitcoinj:lilbitcoinj-core (>=0.0.2 <=0.0.3), app.cash.lninvoice:ln-invoice (>=0.0.1 <=0.0.6) +1309 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.77)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =1.0.0.RELEASE, =1.0.0, =1.0.0.RELEASE, =2.7.0 and more Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777845...
org.apache.camel.quarkus:camel-quarkus-as2 (>=3.0.0-M1 <=3.10.0), org.apache.camel.quarkus:camel-quarkus-as2-deployment (>=3.0.0-M1 <=3.10.0) +4 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =4.5.0 Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777841...
cn.jarkata:jarkata-encrypt (=1.0.0), cn.ponfee:commons-core (>=1.1 <=1.4) +242 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-ext-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bcprov-ext-jdk18on MAVEN version =1.71, =1.1, =2.4.1, =3.0.0 - com.clever-cloud.pulsar4s:pulsar4s-akka-streams2.12 =2.9.1 - com.clever-cloud.pulsar4s:pulsar4s-akka-streams2.13 =2.9.1 - com.clever-cloud.pulsar4s:pulsar4s-akka-streams3 =2.9.1 -...
cn.loyom.boot:loyom-boot-cache (=1.0.0-JDK21), cn.loyom.boot:loyom-boot-common (=1.0.0-JDK21) +163 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-lts8on (>=2.73.0 <=2.73.4)
org.bouncycastle:bcprov-lts8on MAVEN version =2.73.0, =2.73.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bcprov-lts8on and may be impacted: - cn.loyom.boot:loyom-boot-cache =1.0.0-JDK21 - cn.loyom.boot:loyom-boot-common =1.0.0-JDK...
ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.1.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.1.0) +43 more potentially affected by CVE-2025-41235 via org.springframework.cloud:spring-cloud-gateway-server (>=4.2.0 <=4.2.2)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =15.13-RELEASE, =2.0.0, =1.0.0, =0.11.1, =0.11.1, =3.4.5, =3.4.6 and more Source cves: CVE-2025-41235 Source advisory: OSV:GHSA-6J2Q-C73V-97C5...
ai.djl.spring:djl-spring-boot-starter-autoconfigure (=0.26), ai.djl.spring:djl-spring-boot-starter-mxnet-auto (=0.26) +4413 more potentially affected by CVE-2025-22235 via org.springframework.boot:spring-boot (>=3.2.0 <=3.2.12)
org.springframework.boot:spring-boot MAVEN version =3.2.0, =1.5.0, =1.5.0, =0.0.1, =7.0.0, =0.25.7-rc.1, =0.8.0.BETA, =1.0.2, =1.0.6 and more Source cves: CVE-2025-22235 Source advisory: OSV:GHSA-RC42-6C7J-7H5R...