joplin is a note taking and to-do application.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to improper validation of schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function. Exploiting this vulnerability is possible on any client that opens a link in a malicious markdown file via this package.

wordops is an An essential toolset that eases server administration

Affected versions of this package are vulnerable to Information Exposure as it is dumping sensitive information in logs, such as MariaDB password.

com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.

Affected versions of this package are vulnerable to Denial of Service (DoS) in the _deserializeFromArray() function in BeanDeserializer, due to resource exhaustion when processing a deeply nested array.

NOTE: For this vulnerability to be exploitable the non-default DeserializationFeature must be enabled.