Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-39399 |
|
Vulnerability in java (CVE-2022-39399)
vulnerability in java (CVE-2022-39399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21619 |
|
Vulnerability in java (CVE-2022-21619)
vulnerability in java (CVE-2022-21619). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.351, 11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21618 |
|
Authentication Bypass in java (CVE-2022-21618)
authentication bypass in java (CVE-2022-21618). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.5, 19.0.1` or later.
|
| CVE-2022-21549 |
|
Unsafe Deserialization in java (CVE-2022-21549)
vulnerability in java (CVE-2022-21549). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.4` or later.
|
| CVE-2022-21540 |
|
Use-After-Free in java (CVE-2022-21540)
vulnerability in java (CVE-2022-21540). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.351, 8.0.341, 11.0.16, 17.0.4, 18.0.2` or later.
|
| CVE-2022-21293 |
|
Vulnerability in java (CVE-2022-21293)
vulnerability in java (CVE-2022-21293). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21291 |
|
Vulnerability in java (CVE-2022-21291)
vulnerability in java (CVE-2022-21291). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21283 |
|
Vulnerability in java (CVE-2022-21283)
vulnerability in java (CVE-2022-21283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2021-35556 |
|
Vulnerability in java (CVE-2021-35556)
vulnerability in java (CVE-2021-35556). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.
|
| CVE-2023-48795 |
|
Vulnerability in russh (CVE-2023-48795)
vulnerability in russh (CVE-2023-48795). Data can be tampered with by attackers. Mitigation: upgrade to `0.40.2` or later.
|
| CVE-2023-44487 KEV |
|
[KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
|
| CVE-2015-5739 |
|
Vulnerability in golang (CVE-2015-5739)
vulnerability in golang (CVE-2015-5739). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5740 |
|
Vulnerability in golang (CVE-2015-5740)
vulnerability in golang (CVE-2015-5740). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8932 |
|
Vulnerability in golang (CVE-2017-8932)
vulnerability in golang (CVE-2017-8932). Confidential information can be exposed externally.
|