apk package
chainguard/wso2is
pkg:apk/chainguard/wso2is
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-46392 | — | < 7.3.0-r0 | 7.3.0-r0 | May 9, 2025 | Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Co | ||
| CVE-2025-23184 | — | < 7.1.0-r1 | 7.1.0-r1 | Jan 21, 2025 | A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and client | ||
| CVE-2024-51504 | — | < 7.2.0-r0 | 7.2.0-r0 | Nov 7, 2024 | When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthentication | ||
| CVE-2024-6763 | — | < 7.3.0-r0 | 7.3.0-r0 | Oct 14, 2024 | Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs fro |
- CVE-2025-46392May 9, 2025affected < 7.3.0-r0fixed 7.3.0-r0
Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Co
- CVE-2025-23184Jan 21, 2025affected < 7.1.0-r1fixed 7.1.0-r1
A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and client
- CVE-2024-51504Nov 7, 2024affected < 7.2.0-r0fixed 7.2.0-r0
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthentication
- CVE-2024-6763Oct 14, 2024affected < 7.3.0-r0fixed 7.3.0-r0
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs fro
Page 2 of 2