Skip to content

Commit

Permalink
Update known vulnerabilities
Browse files Browse the repository at this point in the history
  • Loading branch information
@piotr-yuxuan
piotr-yuxuan committed Mar 11, 2024
1 parent 23b7d96 commit 79bc2d6
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion doc/known-vulnerabilities.csv
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
DependencyName,DependencyPath,Description,License,Md5,Sha1,Identifiers,CPE,CVE,CWE,Vulnerability,Source,CVSSv2_Severity,CVSSv2_Score,CVSSv2,CVSSv3_BaseSeverity,CVSSv3_BaseScore,CVSSv3,CPE Confidence,Evidence Count,VendorProject,Product,Name,DateAdded,ShortDescription,RequiredAction,DueDate,Notes
clojure-1.12.0-alpha9.jar,/home/runner/.m2/repository/org/clojure/clojure/1.12.0-alpha9/clojure-1.12.0-alpha9.jar,Clojure core environment and runtime library.,Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php,3000e584835a3aad2435633ee6a8e225,31efa299ef54260f1d1ac464633cc0ad30c29a5f,pkg:maven/org.clojure/[email protected],cpe:2.3:a:clojure:clojure:1.12.0:pha9:*:*:*:*:*:*,CVE-2024-22871,CWE-400 Uncontrolled Resource Consumption,An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.,OSSINDEX,,,,HIGH,7.5,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,HIGH,20,,,,,,,,
core.specs.alpha-0.2.62.jar,/home/runner/.m2/repository/org/clojure/core.specs.alpha/0.2.62/core.specs.alpha-0.2.62.jar,Specs for clojure.core,Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php,b1e37e6e8efdade6b7c2a4dd17c0d437,a2a7ea21a695561924bc8506f3feb5d8c8f894d5,pkg:maven/org.clojure/[email protected],cpe:2.3:a:clojure:clojure:0.2.62:*:*:*:*:*:*:*,CVE-2017-20189,CWE-502 Deserialization of Untrusted Data,"In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.",NVD,,,,CRITICAL,9.8,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A,HIGH,17,,,,,,,,
spec.alpha-0.3.218.jar,/home/runner/.m2/repository/org/clojure/spec.alpha/0.3.218/spec.alpha-0.3.218.jar,Specification of data and functions,Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php,ecdbb58e7a95163c1369ef9fa054013d,a7dad492f8d6cf657d82dcd6b31bda0899f1ac0e,pkg:maven/org.clojure/[email protected],cpe:2.3:a:clojure:clojure:0.3.218:*:*:*:*:*:*:*,CVE-2017-20189,CWE-502 Deserialization of Untrusted Data,"In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.",NVD,,,,CRITICAL,9.8,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A,HIGH,26,,,,,,,,

0 comments on commit 79bc2d6

Please sign in to comment.