Security Updates

• Eforms: Freemarker template execution injection
  04-04-2022      affects versions : 14.7, 13.4, 12.6


• Vulnerability disclosed in Apache James
  04-04-2022      affects versions : 14.7, 13.4, 12.6


• Vulnerability disclosed in Spring Framework
  04-04-2022      affects versions : 14.7, 13.4


• XSS vulnerability in CMS context-menu and the repository StatusServlet
  04-04-2022      affects versions : 14.7, 13.4


• Vulnerability disclosed in Netty
  04-04-2022      affects versions : 14.7, 13.4, 12.6


• DOS vulnerability in log4j < 2.17.0
  20-12-2021      affects versions : 14.7, 13.4, 12.6


• DOS vulnerability in log4j < 2.16.0
  15-12-2021      affects versions : 14.7, 14.6, 13.4, 12.6


• Vulnerability disclosed in Spring Framework
  13-12-2021      affects versions : 14.6, 13.4


• jackson-dataformat-cbor-2.10.1.jar vulnerability
  13-12-2021      affects versions : 14.6, 13.4


• Stored cross-site scripting found in edit author page
  13-12-2021      affects versions : 14.6


• Insecure file upload - Stored cross-site scripting
  13-12-2021      affects versions : 14.6, 13.4, 12.6


• Bootstrap sass vulnerability
  13-12-2021      affects versions : 14.6


• Bootstrap sass vulnerability
  13-12-2021      affects versions : 13.4


• jsoup-1.11.2.jar vulnerablity
  13-12-2021      affects versions : 14.6


• CKeditor: XSS vulnerability in the Clipboard plugin
  13-12-2021      affects versions : 14.6


• CKEditor target blank vulnerability
  13-12-2021      affects versions : 14.6


• jakarta.el-3.0.3.jar vulnerability
  13-12-2021      affects versions : 14.6


• Jetty vulnerability
  13-12-2021      affects versions : 14.6, 13.4, 12.6


• Blue imp vulnerability
  13-12-2021      affects versions : 14.6, 13.4, 12.6


• log4j remote code execution
  13-12-2021      affects versions : 14.7, 14.6, 13.4, 12.6


• JDOM XXE vulnerability
  21-09-2021      affects versions : 14.6, 13.4, 12.6


• json-smart error-handling vulnerability
  21-09-2021      affects versions : 14.6, 13.4, 12.6


• spring-security SecurityContext vulnerability
  21-09-2021      affects versions : 13.4, 12.6


• Maven repository access vulnerability
  21-09-2021      affects versions : 14.6


• Xmldom vulnerability
  21-09-2021      affects versions : 14.6

• Previous
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• Next