Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • M
Incorrect Authorization 		org.elasticsearch.plugin:x-pack-core [8.10.0,8.13.0) Maven 28 Mar 2024
  • M
Incorrect Authorization 		org.elasticsearch:elasticsearch [8.10.0,8.13.0) Maven 28 Mar 2024
  • M
Uncontrolled Recursion 		org.elasticsearch:elasticsearch [,7.17.19) [8.0.0-alpha1,8.13.0) Maven 27 Mar 2024
  • M
SQL Injection 		org.webjars.npm:pg-promise [0,] Maven 27 Mar 2024
  • H
Improper Privilege Management 		org.igniterealtime.openfire:xmppserver [0,] Maven 27 Mar 2024
  • M
Use of Cache Containing Sensitive Information 		org.igniterealtime.openfire:xmppserver [0,] Maven 27 Mar 2024
  • M
Cross-Site Scripting (XSS) 		org.webjars:tinymce [0,] Maven 27 Mar 2024
  • M
Cross-Site Scripting (XSS) 		org.webjars.npm:tinymce [,7.0.0) Maven 27 Mar 2024
  • M
Cross-Site Scripting (XSS) 		org.webjars.bower:tinymce [0,] Maven 27 Mar 2024
  • M
Cross-site Scripting (XSS) 		org.webjars:tinymce [0,] Maven 27 Mar 2024
  • M
Cross-site Scripting (XSS) 		org.webjars.npm:tinymce [,7.0.0) Maven 27 Mar 2024
  • M
Cross-site Scripting (XSS) 		org.webjars.bower:tinymce [0,] Maven 27 Mar 2024
  • M
Open Redirect 		org.webjars.npm:express [0,] Maven 26 Mar 2024
  • M
Allocation of Resources Without Limits or Throttling 		io.netty:netty-codec-http [,4.1.108.Final) Maven 26 Mar 2024
  • H
Denial of Service (DoS) 		com.typesafe.akka:akka-http-core_2.12 [,10.5.3) Maven 24 Mar 2024
  • H
Denial of Service (DoS) 		com.typesafe.akka:akka-http-core_2.13 [,10.5.3) Maven 24 Mar 2024
  • H
Path Traversal 		org.webjars.npm:webpack-dev-middleware [0,] Maven 22 Mar 2024
  • H
Out-of-Bounds Write 		org.apache.commons:commons-configuration2 [2.0.0,2.10.1) Maven 21 Mar 2024
  • H
Out-of-Bounds Write 		org.apache.commons:commons-configuration2 [2.0.0,2.10.1) Maven 21 Mar 2024
  • L
Improper Input Validation 		org.apache.hop:hop-engine [,2.8.0) Maven 20 Mar 2024
  • M
Cross-Site Request Forgery (CSRF) 		org.apache.wicket:wicket-core [9.1.0,9.17.0) [10.0.0-M1,10.0.0) Maven 20 Mar 2024
  • M
Improper Authentication 		org.springframework.security:spring-security-oauth2-authorization-server [,1.0.6) [1.1.0,1.1.6) [1.2.0,1.2.3) Maven 20 Mar 2024
  • H
Improper Access Control 		org.springframework.security:spring-security-core [,5.7.12) [5.8.0,5.8.11) [6.0.0,6.0.10) [6.1.0,6.1.8) [6.2.0,6.2.3) Maven 18 Mar 2024
  • H
Code Injection 		org.open-metadata:openmetadata-service [,1.3.1) Maven 18 Mar 2024
  • C
Improper Authentication 		org.open-metadata:openmetadata-service [,1.2.4) Maven 18 Mar 2024
  • M
Improper Privilege Management 		net.snowflake:snowflake-hive-metastore-connector [0,] Maven 18 Mar 2024
  • H
Remote Code Execution (RCE) 		org.open-metadata:openmetadata-service [,1.2.4) Maven 18 Mar 2024
  • H
Expression Language Injection 		org.open-metadata:openmetadata-service [,1.2.4) Maven 18 Mar 2024
  • M
Cross-site Scripting (XSS) 		org.fitnesse:fitnesse [,20220319) Maven 18 Mar 2024
  • H
Expression Language Injection 		org.open-metadata:openmetadata-service [,1.2.4) Maven 18 Mar 2024