CVE Security Report - SICS Naming Service
The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community.
| Name | Description | CWE | CVSS v2.0 Severity | CVSS v3.0 Severity | Dependency |
|---|---|---|---|---|---|
| CVE-2020-29242 | dhowden tag before 2020-11-19 allows 'panic: runtime error: index out of range' via readPICFrame. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-1.2.6.jar |
| CVE-2020-29243 | dhowden tag before 2020-11-19 allows 'panic: runtime error: index out of range' via readAPICFrame. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-1.2.6.jar |
| CVE-2020-29244 | dhowden tag before 2020-11-19 allows 'panic: runtime error: slice bounds out of range' via readTextWithDescrFrame. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-1.2.6.jar |
| CVE-2020-29245 | dhowden tag before 2020-11-19 allows 'panic: runtime error: slice bounds out of range' via readAtomData. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-1.2.6.jar |
| CVE-2020-29242 | dhowden tag before 2020-11-19 allows 'panic: runtime error: index out of range' via readPICFrame. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-api-1.2.4.jar |
| CVE-2020-29243 | dhowden tag before 2020-11-19 allows 'panic: runtime error: index out of range' via readAPICFrame. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-api-1.2.4.jar |
| CVE-2020-29244 | dhowden tag before 2020-11-19 allows 'panic: runtime error: slice bounds out of range' via readTextWithDescrFrame. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-api-1.2.4.jar |
| CVE-2020-29245 | dhowden tag before 2020-11-19 allows 'panic: runtime error: slice bounds out of range' via readAtomData. | CWE-129 | MEDIUM | MEDIUM | jakarta.servlet.jsp.jstl-api-1.2.4.jar |
| CVE-2008-1997 | Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699. IBM link requires login credentials. | CWE-94 | HIGH | jcc-11.5.5.0.jar |
This report was generated 23.03.2021, 06:09:07 UTC, using dependency-check version: 6.0.3.