Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • C
Insecure Inherited Permissions 		org.xwiki.platform:xwiki-platform-uiextension-api [,14.10.19) [15.6-rc-1,15.9-rc-1) [15.0-rc-1,15.5.4) Maven 11 Apr 2024
  • H
Missing Authorization 		org.xwiki.platform:xwiki-platform-oldcore [6.4-milestone-1,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1) Maven 11 Apr 2024
  • C
Eval Injection 		org.xwiki.platform:xwiki-platform-search-solr-ui [7.2-rc-1,14.10.20) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1) Maven 11 Apr 2024
  • C
Cross-Site Request Forgery (CSRF) 		org.xwiki.platform:xwiki-platform-scheduler-ui [3.1,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.9) Maven 11 Apr 2024
  • C
Improper Control of Generation of Code ('Code Injection') 		llama-index-core [,0.10.24) pip 11 Apr 2024
  • C
OS Command Injection 		github.com/go-skynet/localai/backend/go/transcribe <2.10.0 Go 11 Apr 2024
  • C
Cross-Site Request Forgery (CSRF) 		org.xwiki.platform:xwiki-platform-realtime-webjar [,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.9) Maven 11 Apr 2024
  • C
Cross-Site Request Forgery (CSRF) 		org.xwiki.platform:xwiki-platform-realtime-ui [,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.9) Maven 11 Apr 2024
  • C
Improper Neutralization of Special Elements used in a Template Engine ('Template Injection') 		litellm [,1.34.42) pip 11 Apr 2024
  • C
Eval Injection 		org.xwiki.platform:xwiki-platform-search-ui [,14.10.20) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1) Maven 11 Apr 2024
  • M
Improper Access Control 		roundup [1.4.0,1.4.6) [1.2.0,1.2.1) pip 11 Apr 2024
  • M
Insufficient Session Expiration 		@digitalbazaar/zcap <9.0.1 npm 11 Apr 2024
  • H
Insufficient Session Expiration 		@fastify/secure-session <7.3.0 npm 11 Apr 2024
  • C
Eval Injection 		org.xwiki.commons:xwiki-commons-velocity [,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.9-rc-1) Maven 11 Apr 2024
  • L
Improper Handling of Exceptional Conditions 		github.com/authzed/spicedb/internal/datasets <1.30.1 Go 11 Apr 2024
  • M
Allocation of Resources Without Limits or Throttling 		github.com/sigstore/cosign/v2/pkg/oci <2.2.4 Go 11 Apr 2024
  • M
Allocation of Resources Without Limits or Throttling 		github.com/sigstore/cosign/pkg/oci * Go 11 Apr 2024
  • M
Allocation of Resources Without Limits or Throttling 		github.com/sigstore/cosign/v2/internal/pkg/cosign <2.2.4 Go 11 Apr 2024
  • M
Allocation of Resources Without Limits or Throttling 		github.com/sigstore/cosign/v2/cmd/cosign/cli/verify <2.2.4 Go 11 Apr 2024
  • M
Allocation of Resources Without Limits or Throttling 		github.com/sigstore/cosign/internal/pkg/cosign * Go 11 Apr 2024
  • M
Allocation of Resources Without Limits or Throttling 		github.com/sigstore/cosign/cmd/cosign/cli/verify * Go 11 Apr 2024
  • M
Cross-Site Request Forgery (CSRF) 		org.xwiki.platform:xwiki-platform-scheduler-ui [3.1,14.10.19) [15.0-rc-1,15.5.4) [15.6-rc-1,15.9) Maven 11 Apr 2024
  • C
Improper Control of Generation of Code ('Code Injection') 		org.xwiki.platform:xwiki-platform-search-ui [5.2-milestone-2,14.10.20) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1) Maven 11 Apr 2024
  • C
Improper Control of Generation of Code ('Code Injection') 		aim [3.0.0,] pip 11 Apr 2024
  • H
Cross-Site Request Forgery (CSRF) 		aim [0,] pip 11 Apr 2024
  • M
Improper Input Validation 		org.apache.zeppelin:zeppelin-interpreter [0.8.2,0.11.1) Maven 11 Apr 2024
  • M
Improper Input Validation 		org.apache.zeppelin:zeppelin-server [0.8.2,0.11.1) Maven 11 Apr 2024
  • M
Improper Input Validation 		org.apache.zeppelin:zeppelin-server [,0.8.2,0.11.1) Maven 11 Apr 2024
  • C
Missing Authorization 		org.xwiki.platform:xwiki-platform-localization-source-wiki [4.3-milestone-2,14.10.20) [15.0-rc-1,15.5.4) [15.6-rc-1,15.10-rc-1) Maven 11 Apr 2024
  • H
Improper Authorization 		github.com/hashicorp/consul/agent >=1.16.0 <1.16.1 Go 11 Apr 2024