camunda-zeebe-8.9

Direct Vulnerabilities

Known vulnerabilities in the camunda-zeebe-8.9 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • C
Insufficient Verification of Data Authenticity

<8.9.6-r1
  • L
Improper Verification of Source of a Communication Channel

<8.9.6-r1
  • L
GHSA-w573-9ffj-6ff9

<8.9.6-r1
  • L
GHSA-x4gw-5cx5-pgmh

<8.9.6-r1
  • L
GHSA-c2rx-5r8w-8xr2

<8.9.6-r1
  • L
Resource Exhaustion

<8.9.6-r1
  • L
Information Exposure

<8.9.6-r1
  • C
Insufficient Verification of Data Authenticity

<8.9.6-r1
  • L
GHSA-xmv7-r254-6q78

<8.9.6-r1
  • L
GHSA-cmm3-54f8-px4j

<8.9.6-r1
  • L
Resource Exhaustion

<8.9.6-r1
  • L
GHSA-676x-f7gg-47vc

<8.9.6-r1
  • L
GHSA-5pvg-856g-cp85

<8.9.6-r1
  • L
GHSA-3qp7-7mw8-wx86

<8.9.6-r1
  • L
Allocation of Resources Without Limits or Throttling

<8.9.6-r1
  • L
GHSA-5x3r-wrvg-rp6q

<8.9.6-r1
  • L
Improper Access Control

<8.9.6-r1
  • L
Use of Insufficiently Random Values

<8.9.6-r1
  • L
GHSA-q62f-h9x2-gcqc

<8.9.5-r3
  • L
Incorrect Default Permissions

<8.9.5-r3
  • L
Resource Exhaustion

<8.9.5-r2
  • L
Allocation of Resources Without Limits or Throttling

<8.9.5-r2
  • L
GHSA-gx5v-xp9w-j4cg

<8.9.5-r2
  • L
GHSA-45q3-82m4-75jr

<8.9.5-r2
  • H
HTTP Request Smuggling

<8.9.5-r2
  • L
GHSA-9m89-8frq-c98c

<8.9.5-r2
  • L
GHSA-m4cv-j2px-7723

<8.9.5-r2
  • L
GHSA-6p4f-wcwh-5vvm

<8.9.5-r2
  • L
GHSA-h6fc-48rj-7qqh

<8.9.5-r2
  • L
Resource Exhaustion

<8.9.5-r2
  • H
HTTP Response Splitting

<8.9.5-r2
  • L
CVE-2026-22745

<8.9.5-r2
  • L
Missing Release of Resource after Effective Lifetime

<8.9.5-r2
  • C
HTTP Request Smuggling

<8.9.5-r2
  • L
GHSA-r29c-68gh-xp6x

<8.9.5-r2
  • L
Information Exposure

<8.9.5-r2
  • L
Authentication Bypass

<8.9.5-r2
  • L
GHSA-v8h7-rr48-vmmv

<8.9.5-r2
  • L
GHSA-38f8-5428-x5cv

<8.9.5-r2
  • L
GHSA-fv25-8xcx-gqjc

<8.9.5-r2
  • C
HTTP Request Smuggling

<8.9.5-r2
  • L
GHSA-f6hv-jmp6-3vwv

<8.9.5-r2
  • L
CRLF Injection

<8.9.5-r2
  • L
GHSA-5mp6-jrq3-r938

<8.9.5-r2
  • L
GHSA-cm33-6792-r9fm

<8.9.5-r2
  • C
Improper Input Validation

<8.9.5-r2
  • L
GHSA-xxqh-mfjm-7mv9

<8.9.5-r2
  • L
GHSA-rwm7-x88c-3g2p

<8.9.5-r2
  • L
GHSA-mj4r-2hfc-f8p6

<8.9.5-r2
  • L
GHSA-57rv-r2g8-2cj3

<8.9.5-r2
  • L
Improper Handling of Case Sensitivity

<8.9.5-r2
  • L
Improper Authorization

<8.9.5-r2
  • L
Improper Input Validation

<8.9.5-r2
  • L
Integer Overflow or Wraparound

<8.9.5-r2
  • L
Information Exposure

<8.9.5-r2
  • L
GHSA-5m62-pw8w-7w9f

<8.9.5-r2
  • L
GHSA-wg35-8jpf-2xv3

<8.9.5-r2
  • L
CVE-2026-22741

<8.9.5-r2
  • L
GHSA-2c5c-chwr-9hqw

<8.9.5-r1
  • L
Allocation of Resources Without Limits or Throttling

<8.9.5-r1
  • L
CVE-2026-22751

<8.9.5-r0
  • L
GHSA-8v8j-3hxp-93wr

<8.9.5-r0
  • L
GHSA-x2wq-9x2f-fhj7

<8.9.5-r0
  • L
GHSA-98qh-xjc8-98pq

<8.9.5-r0
  • L
CVE-2026-40976

<8.9.5-r0
  • L
Allocation of Resources Without Limits or Throttling

<8.9.5-r0
  • L
GHSA-wwpq-f5c3-7hvx

<8.9.5-r0
  • L
CVE-2026-40973

<8.9.5-r0
  • L
CVE-2026-22753

<8.9.1-r1
  • L
CVE-2026-22746

<8.9.5-r0
  • L
GHSA-vxf7-qj7q-83fh

<8.9.5-r0
  • L
GHSA-4wrg-8wpc-h923

<8.9.1-r1
  • L
CVE-2026-22754

<8.9.1-r1
  • L
GHSA-4vrc-j85c-598c

<8.9.1-r1
  • L
GHSA-cvc6-q2cp-2xhw

<8.9.5-r0
  • M
CVE-2026-22748

<8.9.5-r0
  • H
CVE-2026-22747

<8.9.1-r2
  • L
GHSA-2jrg-rf5x-568g

<8.9.1-r2
  • L
GHSA-w35j-pv5h-q9q9

<8.9.1-r0
  • L
CVE-2026-5588

<8.9.1-r0
  • L
GHSA-3pxv-7cmr-fjr4

<8.9.1-r0
  • L
GHSA-6hg6-v5c8-fphq

<8.9.1-r0
  • L
GHSA-c3fc-8qff-9hwx

<8.9.1-r0
  • M
Improper Validation of Certificate with Host Mismatch

<8.9.1-r0
  • H
Improper Output Neutralization for Logs

<8.9.1-r0
  • L
GHSA-445c-vh5m-36rj

<8.9.1-r0
  • L
Overly Permissive Cross-domain Whitelist

<8.9.1-r0
  • L
GHSA-hv2w-8mjj-jw22

<8.9.1-r0
  • H
Improper Encoding or Escaping of Output

<8.9.1-r0
  • L
GHSA-wg6q-6289-32hp

<8.9.1-r0
  • H
Improper Encoding or Escaping of Output

<8.9.1-r0
  • L
CVE-2026-0636

<8.9.1-r0
  • L
GHSA-2m67-wjpj-xhg9

<8.9.0-r1
  • H
Allocation of Resources Without Limits or Throttling

<8.9.0-r1
  • L
GHSA-6v53-7c9g-w56r

<8.9.0-r1
  • L
GHSA-72hv-8253-57qq

<8.9.0-r1