Severity: moderate
Affected versions:
- Apache Commons OGNL: all versions
Description:
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command
Delimiters vulnerability in Apache Commons OGNL.
This issue affects Apache Commons OGNL: all versions.
When using the API Og

Severity: low
Affected versions:
- Apache Struts Extras (org.apache.struts:struts-extras) before 2
Description:
** UNSUPPORTED WHEN ASSIGNED ** Improper Output Neutralization for Logs
vulnerability in Apache Struts.
This issue affects Apache Struts Extras: before 2.
When using LookupDispatc

Severity: moderate
Affected versions:
- Apache Pekko Management (org.apache.pekko:pekko-management_2.12) 1.0.0 before
1.1.1
- Apache Pekko Management (org.apache.pekko:pekko-management_2.13) 1.0.0 before
1.1.1
- Apache Pekko Management (org.apache.pekko:pekko-management_3) 1.0.0 before
1.1.1

Severity: low
Affected versions:
- Apache Commons Configuration 1 before 2.0.0
Description:
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration
1.x.
There are a number of issues in Apache Commons Configuration 1.x that allow
excessive resource consumption when loa

Severity: moderate
Affected versions:
- Apache ActiveMQ NMS OpenWire Client before 2.1.1
Description:
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire
Client.
This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when
performing connections to unt

Severity: moderate
Affected versions:
- Apache Oozie: all versions
Description:
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web
Page Generation ('Cross-site Scripting') vulnerability in Apache Oozie.
This issue affects Apache Oozie: all versions.
As this project i

Severity: important
Affected versions:
- Apache Fineract 1.4 through 1.9
Description:
SQL Injection vulnerability in various API endpoints - offices, dashboards,
etc. Apache Fineract versions 1.9 and before have a vulnerability that allows
an authenticated attacker to inject malicious data in

Severity: low
Affected versions:
- Apache Cocoon: all versions
Description:
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Usage of Seeds in Pseudo-Random
Number Generator (PRNG) vulnerability in Apache Cocoon.
This issue affects Apache Cocoon: all versions.
When a continuation is created, it get

Severity: moderate
Affected versions:
- Apache MINA SSHD through 2.11.0
Description:
Like many other SSH implementations, Apache MINA SSHD suffered from the issue
that is more widely known as CVE-2023-48795. An attacker that can intercept
traffic between client and server could drop certain p

Severity: important
Affected versions:
- Apache Submarine Server Core 0.8.0 or later
Description:
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache
Submarine Server Core.
This issue affects Apache Submarine Server Core: from 0.8.0.
As this project is retired, we

Severity: low
Affected versions:
- Apache Submarine Commons Utils 0.8.0 or later
Description:
** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache
Submarine Commons Utils.
This issue affects Apache Submarine Commons Utils: from 0.8.0.
As this project is retired, we

Severity: important
Affected versions:
- Apache Submarine Server Core: all versions
Description:
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements
used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine
Server Core.
This issue affects Apache Subma

Severity: important
Affected versions:
- Apache Karaf Cave or later
Description:
** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in
Apache Karaf Cave. This issue affects all versions of Apache Karaf Cave.
As this project is retired, we do not plan to release a version t