26517 matches found
@akala/semantic-release (>=2.0.11 <=3.0.62), @blinkbooks/types (>=1.0.5 <=1.0.43) +32 more potentially affected by CVE-2025-59433 via @conventional-changelog/git-client (=1.0.1)
@conventional-changelog/git-client NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @conventional-changelog/git-client and may be impacted: - @akala/semantic-release =2.0.11, =1.0.5, =4.0.0, =1.19.0, =2.10.0, =1.0.0, =1.0.0, =11.0.0,...
marked-sanitizer (=0.0.0) potentially affected by unknown CVE via ammonia (=3.1.4)
ammonia CARGO version =3.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on ammonia and may be impacted: - marked-sanitizer =0.0.0 Source cves: unknown CVE Source advisory: SNYK:RUST-AMMONIA-13004667...
fluminurs (>=0.1.1 <=0.1.6), html2pango (>=0.2.0 <=0.3.2) +3 more potentially affected by unknown CVE via ammonia (>=2.1.4 <=3.1.4)
ammonia CARGO version =2.1.4, =0.1.1, =0.2.0, =0.3.0, =0.3.1 - telereads =0.1.3 Source cves: unknown CVE Source advisory: OSV:GHSA-MM7X-QFJJ-5G2C...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +209 more potentially affected by CVE-2025-59420 via authlib (>=1.0.0 <=1.6.3)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2025-59420 Source advisory:...
aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +268 more potentially affected by CVE-2025-59420 via authlib (>=0.10.0 <=1.6.3)
authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2025-59420 Source advisory: OSV:GHSA-9GGR-2464-2J32...
fluminurs (>=0.1.1 <=0.1.6), html2pango (>=0.2.0 <=0.3.2) +3 more potentially affected by unknown CVE via ammonia (>=2.1.4 <=3.1.4)
ammonia CARGO version =2.1.4, =0.1.1, =0.2.0, =0.3.0, =0.3.1 - telereads =0.1.3 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0071...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2025-10769 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2025-10769 Source advisory: SNYK:JAVA-AIH2O-13003701...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2025-10768 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2025-10768 Source advisory: SNYK:JAVA-AIH2O-13003702...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +45 more potentially affected by CVE-2025-6507 +1 more via ai.h2o:h2o-core (>=0.1.10 <=3.46.0.7)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2025-6507, CVE-2025-6544 Source advisory:...
com.liferay.faces:liferay-faces-alloy (>=3.0.1-ga2 <=3.0.2-ga3), com.liferay.faces:liferay-faces-bridge-impl (>=3.0.0-ga1 <=3.0.5-ga6) +37 more potentially affected by CVE-2025-43809 via com.liferay.portal:portal-service (>=6.0.2 <=6.0.6)
com.liferay.portal:portal-service MAVEN version =6.0.2, =3.0.1-ga2, =3.0.0-ga1, =3.0.0-ga1, =6.0.2, =6.0.2, =6.0.2, =6.0.2, =6.0.2, =7.7.36, =7.0.0, =1.4.5.1, =0.6.0, =0.7.0, =2.4, =2.4-RC1 - org.aperteworkflow.contrib:liferay-6.0-document-provider =1.1.1 and more Source cves: CVE-2025-43809 Sour...
com.liferay.maven.plugins:liferay-maven-plugin (>=6.0.2 <=6.0.6), com.liferay.portal:util-taglib (>=6.0.2 <=6.0.6) +3 more potentially affected by CVE-2025-43809 via com.liferay.portal:portal-impl (>=6.0.2 <=6.0.6)
com.liferay.portal:portal-impl MAVEN version =6.0.2, =6.0.2, =6.0.2, =2.4, =1.0, =2.0, =2.5 Source cves: CVE-2025-43809 Source advisory: SNYK:JAVA-COMLIFERAYPORTAL-13003719...
bacpipe (>=1.2.0 <=1.3.2.dev0), decima2 (>=0.1.0 <=0.2.1) +11 more potentially affected by CVE-2025-9905 via keras (>=3.0.0 <=3.11.0)
keras PYPI version =3.0.0, =1.2.0, =0.1.0, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.0.0, =1.2.0 Source cves: CVE-2025-9905 Source advisory: OSV:GHSA-36RR-WW3J-VRJV...
a2grunnerp (>=0.1.0 <=0.1.8), a62-emotion (>=0.9.2 <=0.11.4) +1263 more potentially affected by CVE-2025-9906 via keras (>=1.2.1 <=3.10.0)
keras PYPI version =1.2.1, =0.1.0, =0.9.2, =1.0.1, =0.1.0, =1.1.2, =0.0.8, =0.0.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2025-9906 Source advisory: OSV:GHSA-36FQ-JGMW-4R9C...
bacpipe (>=1.2.0 <=1.3.2.dev0), decima2 (>=0.1.0 <=0.2.1) +11 more potentially affected by CVE-2025-9905 via keras (>=3.0.0 <=3.11.0)
keras PYPI version =3.0.0, =1.2.0, =0.1.0, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.0.0, =1.2.0 Source cves: CVE-2025-9905 Source advisory: OSV:PYSEC-2025-123...
bacpipe (>=1.2.0 <=1.3.2.dev0), decima2 (>=0.1.0 <=0.2.1) +11 more potentially affected by CVE-2025-9905 via keras (>=3.0.0 <=3.11.0)
keras PYPI version =3.0.0, =1.2.0, =0.1.0, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.0.0, =1.2.0 Source cves: CVE-2025-9905 Source advisory: SNYK:PYTHON-KERAS-12927179...
decima2 (>=0.1.0 <=0.2.1), gpbench (>=1.0.3 <=1.2.2) +8 more potentially affected by CVE-2025-9906 via keras (>=3.0.0 <=3.10.0)
keras PYPI version =3.0.0, =0.1.0, =1.0.3, =0.0.28, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.0.0, =1.2.0 Source cves: CVE-2025-9906 Source advisory: SNYK:PYTHON-KERAS-12927178...
@askinozgur/do-markdownit-cli (>=0.0.1 <=0.6.0) potentially affected by CVE-2025-59717 via @digitalocean/do-markdownit (=1.17.2)
@digitalocean/do-markdownit NPM version =1.17.2 is affected by a known vulnerability. The following packages have a transitive dependency on @digitalocean/do-markdownit and may be impacted: - @askinozgur/do-markdownit-cli =0.0.1, =0.6.0 Source cves: CVE-2025-59717 Source advisory:...
edu.internet2.middleware.grouper:grouper-scim (>=5.1.0 <=5.20.2), edu.internet2.middleware.grouper:grouper-ui (>=5.1.0 <=5.20.2) +3 more potentially affected by CVE-2025-59714 via edu.internet2.middleware.grouper:grouper (>=5.17.1 <=5.20.2)
edu.internet2.middleware.grouper:grouper MAVEN version =5.17.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.18.3 Source cves: CVE-2025-59714 Source advisory: SNYK:JAVA-EDUINTERNET2MIDDLEWAREGROUPER-13003670...
10minions-engine (>=0.0.1 <=0.0.4), 3ui (>=0.1.0 <=0.1.8) +1277 more potentially affected by CVE-2025-13204 via expr-eval (>=0.12.0 <=2.0.2)
expr-eval NPM version =0.12.0, =0.0.1, =0.1.0, =1.0.2, =1.2.0, =1.0.0, =0.1.4, =0.0.1, =0.4.2, =0.2.3, =0.2.4 - @activepieces/piece-apitable =0.1.5 and more Source cves: CVE-2025-13204 Source advisory: SNYK:JS-EXPREVAL-13508636...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2025-23316 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-23316 Source advisory:...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2025-23336 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-23336 Source advisory:...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2025-23328 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-23328 Source advisory:...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2025-23329 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-23329 Source advisory:...
@adobe/aio-cli (>=7.0.0 <=8.3.0), @adobe/aio-cli-plugin-app (>=7.0.0 <=8.6.1) +31 more potentially affected by CVE-2025-56648 via @parcel/reporter-dev-server (>=2.0.0-beta.1 <=2.16.3)
@parcel/reporter-dev-server NPM version =2.0.0-beta.1, =7.0.0, =7.0.0, =1.0.0, =5.0.0, =2.3.0, =3.3.6, =2.1.0, =1.0.0-alpha.27, =2.0.0, =2.0.0, =0.0.2, =0.0.2, =2.0.0-beta.1, =2.13.4-canary.3389, =2.13.4-canary.3403 and more Source cves: CVE-2025-56648 Source advisory: OSV:GHSA-QM9P-F9J5-W83W...
pingora (>=0.1.0 <=0.5.0), pingora-cache (>=0.1.0 <=0.5.0) +4 more potentially affected by unknown CVE via pingora-core (>=0.1.1 <=0.5.0)
pingora-core CARGO version =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.5.0 - revoke-gateway =0.3.0 - static-files-module =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-393W-9X6H-8GC7...
ai.starlake:starlake-streaming_2.13 (>=1.3.3 <=1.3.5), chat.octet:llama-java-core (>=1.4.1 <=1.4.2) +296 more potentially affected by CVE-2025-59340 via com.hubspot.jinjava:jinjava (>=2.0.5 <=2.8.0)
com.hubspot.jinjava:jinjava MAVEN version =2.0.5, =1.3.3, =1.4.1, =0.0.80, =1.0.6, =1.0.6, =1.0.6, =1.0.2, =1.0.2, =0.1.0, =1.3.0, =0.3.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.1.6 and more Source cves: CVE-2025-59340 Source advisory: SNYK:JAVA-COMHUBSPOTJINJAVA-12878604...
@sit-onyx/demo-app (>=0.0.0 <=0.1.0-dev-20250919122003) potentially affected by CVE-2025-59414 via nuxt (=4.0.3)
nuxt NPM version =4.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on nuxt and may be impacted: - @sit-onyx/demo-app =0.0.0, =0.1.0-dev-20250919122003 Source cves: CVE-2025-59414 Source advisory: OSV:GHSA-P6JQ-8VC4-79F6...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +137 more potentially affected by CVE-2025-8419 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.5)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2025-8419 Source advisory:...
ai.starlake:starlake-streaming_2.13 (>=1.3.3 <=1.3.5), chat.octet:llama-java-core (>=1.4.1 <=1.4.2) +294 more potentially affected by CVE-2025-59340 via com.hubspot.jinjava:jinjava (>=1.0.3 <=2.7.4)
com.hubspot.jinjava:jinjava MAVEN version =1.0.3, =1.3.3, =1.4.1, =1.0.2, =1.0.2, =0.1.0, =1.3.0, =0.3.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.1.6 - com.elevenware.felson.examples:authserver =0.0.2 - com.elevenware.felson.examples:felson-examples-app =0.0.2 - com.elevenware.felson.examples:one =0.0...
cn.sliew:carp-framework-template-jinja (>=0.0.80 <=0.0.89), cn.sliew:flinkful-kubernetes-controller (>=1.0.6 <=1.0.7) +11 more potentially affected by CVE-2025-59340 via com.hubspot.jinjava:jinjava (=2.8.0)
com.hubspot.jinjava:jinjava MAVEN version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.hubspot.jinjava:jinjava and may be impacted: - cn.sliew:carp-framework-template-jinja =0.0.80, =1.0.6, =1.0.6, =1.0.6, =1.1, =1.19.4, =1.19.4, =1.19.4,...
@58860ed6ffd9e897/gold-finger-extension (=1.0.2), @ableaura/ableui (=0.1.0) +1496 more potentially affected by CVE-2025-56648 via @parcel/reporter-dev-server (>=2.0.0-beta.1 <=2.9.3)
@parcel/reporter-dev-server NPM version =2.0.0-beta.1, =5.1.9, =7.0.0, =8.3.0-pre.2022-06-22.sha-42703caf, =7.0.0, =0.1.0, =1.0.0, =5.0.0, =0.0.9, =0.0.1, =5.1.0, =5.2.5 and more Source cves: CVE-2025-56648 Source advisory: SNYK:JS-PARCELREPORTERDEVSERVER-12878606...
@sit-onyx/demo-app (>=0.0.0 <=0.1.0-dev-20250919122003) potentially affected by CVE-2025-59414 via nuxt (=4.0.3)
nuxt NPM version =4.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on nuxt and may be impacted: - @sit-onyx/demo-app =0.0.0, =0.1.0-dev-20250919122003 Source cves: CVE-2025-59414 Source advisory: SNYK:JS-NUXT-12878602...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1879 more potentially affected by CVE-2025-59476 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.516.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2025-59476 Source advisory: OSV:GHSA-QRH5-JG98-CR48...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926) +613 more potentially affected by CVE-2025-59475 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.516.2)
org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =55.v51410e712e0c, =4.1.0.506.v619d63bec9d8, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =1.281.v331e3f5a05a9, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =1.43.0, =1.46.0.1 and more...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1879 more potentially affected by CVE-2025-59475 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.516.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2025-59475 Source advisory: OSV:GHSA-223M-4RFP-646H...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926) +613 more potentially affected by CVE-2025-59474 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.516.2)
org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =55.v51410e712e0c, =4.1.0.506.v619d63bec9d8, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =1.281.v331e3f5a05a9, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =1.43.0, =1.46.0.1 and more...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1879 more potentially affected by CVE-2025-59474 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.516.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2025-59474 Source advisory: OSV:GHSA-67V4-38H7-9JJP...
pingora (>=0.1.0 <=0.5.0), pingora-cache (>=0.1.0 <=0.5.0) +4 more potentially affected by CVE-2025-8671 via pingora-core (>=0.1.1 <=0.5.0)
pingora-core CARGO version =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.5.0 - revoke-gateway =0.3.0 - static-files-module =0.1.0 Source cves: CVE-2025-8671 Source advisory: OSV:RUSTSEC-2025-0070...
com.liferay:com.liferay.calendar.service (>=2.2.0 <=2.5.7), com.liferay:com.liferay.document.library.service (>=1.0.0 <=2.0.6) +10 more potentially affected by CVE-2025-43804 via com.liferay:com.liferay.portal.search (>=1.0.0 <=8.0.113)
com.liferay:com.liferay.portal.search MAVEN version =1.0.0, =2.2.0, =1.0.0, =1.1.29, =1.1.0, =1.0.0, =1.0.10, =3.4.9, =1.0.0, =2.0.5, =1.0.0, =1.2.2, =2.1.2, =2.1.11 Source cves: CVE-2025-43804 Source advisory: OSV:GHSA-CCRC-5VP5-VP5J...
com.datasqrl:sqrl-discovery (>=0.7.0 <=0.8.7), com.datasqrl:sqrl-planner (>=0.7.0 <=0.8.7) +20 more potentially affected by CVE-2025-59432 via com.ongres.scram:scram-common (>=3.0 <=3.1)
com.ongres.scram:scram-common MAVEN version =3.0, =0.7.0, =0.7.0, =0.7.0, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =1.0.0, =3.0, =2.4.0-RC1, =2.4.0-rc1 and more Source cves: CVE-2025-59432 Source advisory: SNYK:JAVA-COMONGRESSCRAM-12818392...
com.datasqrl:sqrl-discovery (>=0.7.0 <=0.8.7), com.datasqrl:sqrl-planner (>=0.7.0 <=0.8.7) +20 more potentially affected by CVE-2025-59432 via com.ongres.scram:scram-common (>=3.0 <=3.1)
com.ongres.scram:scram-common MAVEN version =3.0, =0.7.0, =0.7.0, =0.7.0, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =0.3.124, =1.0.0, =3.0, =2.4.0-RC1, =2.4.0-rc1 and more Source cves: CVE-2025-59432 Source advisory: OSV:GHSA-3WFH-36RX-9537...
@a.agiir/cinny (>=0.0.1 <=0.0.2), @airgap/beacon-sdk (>=0.0.1 <=0.0.3-beta.9) +74 more potentially affected by CVE-2025-59160 via matrix-js-sdk (>=0.0.4 <=37.5.0)
matrix-js-sdk NPM version =0.0.4, =0.0.1, =0.0.1, =0.0.34, =1.3.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =2.0.0-alpha.3, =2.0.0-alpha.1, =1.4.1, =1.1.0, =0.0.1, =0.0.0-development, =0.0.1-development and more Source cves: CVE-2025-59160 Source advisory: OSV:GHSA-MP7C-M3RH-R56V...
@shadypixel/mssql-mcp (=1.0.0) potentially affected by CVE-2025-59333 via @executeautomation/database-server (=1.1.0)
@executeautomation/database-server NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @executeautomation/database-server and may be impacted: - @shadypixel/mssql-mcp =1.0.0 Source cves: CVE-2025-59333 Source advisory:...
@shadypixel/mssql-mcp (=1.0.0) potentially affected by CVE-2025-59333 via @executeautomation/database-server (=1.1.0)
@executeautomation/database-server NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @executeautomation/database-server and may be impacted: - @shadypixel/mssql-mcp =1.0.0 Source cves: CVE-2025-59333 Source advisory:...
africa.absa:inception-reporting (>=1.0.0 <=1.2.0), africa.absa:inception-reporting-api (>=1.0.0 <=1.2.0) +425 more potentially affected by CVE-2025-10492 via net.sf.jasperreports:jasperreports (>=3.7.0 <=7.0.3)
net.sf.jasperreports:jasperreports MAVEN version =3.7.0, =1.0.0, =1.0.0, =4.0.4, =1.0.0, =1.0.7, =2.1.0, =2.1.0, =0.0.1, =0.0.1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =25.12.0 and more Source cves: CVE-2025-10492 Source advisory: OSV:GHSA-7C3F-CG9X-F3GR...
africa.absa:inception-reporting (>=1.0.0 <=1.2.0), africa.absa:inception-reporting-api (>=1.0.0 <=1.2.0) +425 more potentially affected by CVE-2025-10492 via net.sf.jasperreports:jasperreports (>=3.7.0 <=7.0.3)
net.sf.jasperreports:jasperreports MAVEN version =3.7.0, =1.0.0, =1.0.0, =4.0.4, =1.0.0, =1.0.7, =2.1.0, =2.1.0, =0.0.1, =0.0.1, =20.3.0, =24.2.0, =20.3.0, =2.23.5, =2.23.5, =23.1.0, =25.12.0 and more Source cves: CVE-2025-10492 Source advisory: SNYK:JAVA-NETSFJASPERREPORTS-14912438...
ch.nexsol-tech.gateway:sample-gateway (>=1.2.0 <=1.3.1), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=1.2.0 <=1.3.1) +12 more potentially affected by CVE-2025-41243 via org.springframework.cloud:spring-cloud-gateway-server-webflux (=4.3.0)
org.springframework.cloud:spring-cloud-gateway-server-webflux MAVEN version =4.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.cloud:spring-cloud-gateway-server-webflux and may be impacted: - ch.nexsol-tech.gateway:sample-gatewa...
be.jidoka:jdk-keycloak-admin (=2.5.0), br.com.consultdg:database-module (>=1.0.1 <=1.0.10) +888 more potentially affected by CVE-2025-41248 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.1)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =1.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =0.0.69, =0.0.35, =3.4.0.2 and more Source cves: CVE-2025-41248 Source advisory: OSV:GHSA-8V5Q-RHF3-JPHM...
ai.ancf.lmos-router:lmos-router-hybrid-spring-boot-starter (=0.28.0), ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0) +18180 more potentially affected by CVE-2025-41249 via org.springframework:spring-core (>=6.0.0 <=6.1.21)
org.springframework:spring-core MAVEN version =6.0.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.1.0, =0.12.1 - ai.djl.spring:djl-spring-boot-starter-autoconfigure =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-auto =0.26 - ai.djl.spring:djl-spring-boot-starter-mxnet-linux-x8664 =0.2...
africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-application (>=1.1.0 <=1.2.0) +29052 more potentially affected by CVE-2025-41249 via org.springframework:spring-core (>=5.3.0 <=5.3.4)
org.springframework:spring-core MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2025-41249 Source advisory: OSV:GHSA-JMP9-X22R-554X...