Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
org.openrefine:openrefine [,1.12.0) Maven 13 Dec, 2018
  • H
Arbitrary Code Execution
org.jenkins-ci.main:jenkins-core [ ,2.138.4),[2.140, 2.149],[2.150, 2.150.1),[2.153 ,2.154) Maven 12 Dec, 2018
  • M
Information Exposure
org.jenkins-ci.main:jenkins-core [ ,2.138.4),[2.140, 2.149],[2.150, 2.150.1),[2.153 ,2.154) Maven 12 Dec, 2018
  • M
Modification of Assumed-Immutable Data (MAID)
org.jenkins-ci.main:jenkins-core [ ,2.138.4),[2.140, 2.149],[2.150, 2.150.1),[2.153 ,2.154) Maven 12 Dec, 2018
  • M
XML External Entity Injection (XXE)
ro.pippo:pippo-jaxb [,1.12.0) Maven 12 Dec, 2018
  • H
Arbitrary Command Execution
org.apache.hadoop:hadoop-yarn-server-nodemanager [2.7.4, 2.7.7) Maven 10 Dec, 2018
  • H
Arbitrary Command Execution
org.apache.hadoop:hadoop-yarn-server-nodemanager [2.2.0, 2.7.4) Maven 10 Dec, 2018
  • H
Access Restriction Bypass
org.kohsuke:groovy-sandbox [,2.60) Maven 10 Dec, 2018
  • M
Denial of Service (DoS)
org.jenkins-ci.main:jenkins-core [,2.138.4),[2.150, 2.154) Maven 10 Dec, 2018
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
org.sonarsource.sonarqube:sonar-plugin-api [,6.7.4) Maven 07 Dec, 2018
  • M
Replay attack
org.keycloak:keycloak-services [,4.6.0) Maven 03 Dec, 2018
  • M
Man-in-the-Middle (MitM)
org.apache.qpid:proton-j [,0.30.0) Maven 19 Nov, 2018
  • M
Open Redirect
org.keycloak:keycloak-services [,4.5.0) Maven 19 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json_2.10 [,1.3.5) Maven 13 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json [,1.3.5) Maven 13 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-http [,0] Maven 13 Nov, 2018
  • H
Access Restriction Bypass
org.apache.hive:hive-exec [,2.3.4), [3.1.0, 3.1.1) Maven 12 Nov, 2018
  • H
Authentication Bypass
org.apache.hive:hive-exec [,2.3.4), [3.0.0, 3.1.1) Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json_2.10 [,1.3.5) Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json [,1.3.5) Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-http [,0] Maven 12 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json_2.10 [,1.3.5) Maven 09 Nov, 2018
  • M
Denial of Service (DoS)
io.spray:spray-json [,1.3.5) Maven 09 Nov, 2018
  • M
Cross-site Scripting (XSS)
org.apache.syncope:syncope-core [,2.0.11),[2.1.0, 2.1.2) Maven 08 Nov, 2018
  • H
XML External Entity (XXE) Injection
org.apache.syncope.client:syncope-client-console [,2.0.11),[2.1.0, 2.1.2) Maven 08 Nov, 2018
  • H
Remote Code Execution
ro.pippo:pippo-session [,1.12.0) Maven 06 Nov, 2018
  • H
Arbitrary File Write via Archive Extraction (Zip Slip)
org.nd4j:nd4j-common [,1.0.0-beta3) Maven 31 Oct, 2018
  • L
Information Exposure
org.apache.spark:spark-core_2.11 [1.3.0, 2.4.0-rc4) Maven 26 Oct, 2018
  • L
Information Exposure
org.apache.spark:spark-core_2.10 [1.3.0, 2.4.0-rc4) Maven 26 Oct, 2018
  • L
Information Exposure
org.apache.spark:spark-core [1.3.0, 2.4.0-rc4) Maven 26 Oct, 2018