/sicsdocs/releases/23.1/cve_security_reports/ Recent content in CVE security reports on Hugo -- gohugo.io /sicsdocs/releases/23.1/cve_security_reports/sics_adh_server/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_adh_server/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. /sicsdocs/releases/23.1/cve_security_reports/sics_api_server/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_api_server/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. /sicsdocs/releases/23.1/cve_security_reports/sics_batch_server/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_batch_server/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. /sicsdocs/releases/23.1/cve_security_reports/sics_desktop_app/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_desktop_app/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. /sicsdocs/releases/23.1/cve_security_reports/sics_emessaging_server/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_emessaging_server/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency CVE-2022-34169 The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. /sicsdocs/releases/23.1/cve_security_reports/sics_java_launcher/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_java_launcher/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. No vulnerable dependencies found. This report was generated 21.03.2023, 01:30:53 UTC, using dependency-check version: 7.4.4. /sicsdocs/releases/23.1/cve_security_reports/sics_naming_service/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_naming_service/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. No vulnerable dependencies found. This report was generated 21.03.2023, 01:31:09 UTC, using dependency-check version: 7.4.4. /sicsdocs/releases/23.1/cve_security_reports/sics_operational_reporting_server/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_operational_reporting_server/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency CVE-2022-25844 The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. **Note:** 1) This package has been deprecated and is no longer maintained. /sicsdocs/releases/23.1/cve_security_reports/sics_operational_reporting_solr_node/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_operational_reporting_solr_node/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency End-of-Life: Long term support for AngularJS has been discontinued End-of-Life: Long term support for AngularJS has been discontinued angular-cookies.min.js End-of-Life: Long term support for AngularJS has been discontinued End-of-Life: Long term support for AngularJS has been discontinued angular-resource.min.js End-of-Life: Long term support for AngularJS has been discontinued End-of-Life: Long term support for AngularJS has been discontinued angular-route. /sicsdocs/releases/23.1/cve_security_reports/sics_search_server/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_search_server/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. No vulnerable dependencies found. This report was generated 21.03.2023, 01:32:22 UTC, using dependency-check version: 7.4.4. /sicsdocs/releases/23.1/cve_security_reports/sics_search_solr_node/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_search_solr_node/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. Name Description CWE CVSS v2.0 Severity CVSS v3.0 Severity Dependency End-of-Life: Long term support for AngularJS has been discontinued End-of-Life: Long term support for AngularJS has been discontinued angular-cookies.min.js End-of-Life: Long term support for AngularJS has been discontinued End-of-Life: Long term support for AngularJS has been discontinued angular-resource.min.js End-of-Life: Long term support for AngularJS has been discontinued End-of-Life: Long term support for AngularJS has been discontinued angular-route. /sicsdocs/releases/23.1/cve_security_reports/sics_docs/ Mon, 01 Jan 0001 00:00:00 +0000 /sicsdocs/releases/23.1/cve_security_reports/sics_docs/ The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community. No vulnerable dependencies found. This report was generated 21.03.2023, 01:33:33 UTC, using dependency-check version: 7.4.4.