Maven package
tech.powerjob/powerjob
pkg:maven/tech.powerjob/powerjob
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-11580 | — | <= 5.1.2 | — | Oct 10, 2025 | A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||
| CVE-2023-36106 | — | <= 4.3.2 | — | Aug 17, 2023 | An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list. | ||
| CVE-2023-29924 | — | <= 4.3.6 | — | Apr 21, 2023 | PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution. | ||
| CVE-2023-29926 | — | <= 4.3.2 | — | Apr 20, 2023 | PowerJob V4.3.2 has unauthorized interface that causes remote code execution. | ||
| CVE-2023-29923 | — | <= 4.3.1 | — | Apr 19, 2023 | PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface. | ||
| CVE-2023-29922 | — | <= 4.3.9 | — | Apr 19, 2023 | PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface. | ||
| CVE-2023-29921 | — | <= 4.3.6 | — | Apr 19, 2023 | PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface. |
- CVE-2025-11580Oct 10, 2025affected <= 5.1.2
A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
- CVE-2023-36106Aug 17, 2023affected <= 4.3.2
An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.
- CVE-2023-29924Apr 21, 2023affected <= 4.3.6
PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution.
- CVE-2023-29926Apr 20, 2023affected <= 4.3.2
PowerJob V4.3.2 has unauthorized interface that causes remote code execution.
- CVE-2023-29923Apr 19, 2023affected <= 4.3.1
PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface.
- CVE-2023-29922Apr 19, 2023affected <= 4.3.9
PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.
- CVE-2023-29921Apr 19, 2023affected <= 4.3.6
PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface.