pkg:maven/org.xwiki.platform/xwiki-platform-icon-ui
Type
maven
Namespace
org.xwiki.platform
Name
xwiki-platform-icon-ui
Known advisories, vulnerabilities and fixes for org.xwiki.platform/xwiki-platform-icon-ui package.
Critical
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 14.0.0, < 14.4.2 >= 6.4-milestone-2, < 13.10.7 |
CVE-2022-41931
|
MAVEN:GHSA-5J7G-CF6R-G2H7 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui | critical |
2022-11-21T22:36:33
(22 months ago) |
|
Fixed | = 14.4.2 = 13.10.7 |
CVE-2022-41931
|
MAVEN:GHSA-5J7G-CF6R-G2H7 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui | critical |
2022-11-21T22:36:33
(22 months ago) |
|
Affected | >= 15.0-rc-1, < 15.2-rc-1 >= 6.2-milestone-1, < 14.10.6 |
CVE-2023-36470
|
MAVEN:GHSA-FM68-J7WW-H9XF | XWiki Platform vulnerable to Code Injection in icon themes | critical |
2023-06-30T20:41:57
(14 months ago) |
|
Fixed | = 15.2-rc-1 = 14.10.6 |
CVE-2023-36470
|
MAVEN:GHSA-FM68-J7WW-H9XF | XWiki Platform vulnerable to Code Injection in icon themes | critical |
2023-06-30T20:41:57
(14 months ago) |
|
Affected | >= 14.5, < 14.9 >= 14.0, < 14.4.6 >= 6.2-milestone-1, < 13.10.10 |
CVE-2023-26472
|
MAVEN:GHSA-VWR6-QP4Q-2WJ7 | XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile | critical |
2023-03-03T22:48:57
(18 months ago) |
|
Fixed | = 14.9 = 14.4.6 = 13.10.10 |
CVE-2023-26472
|
MAVEN:GHSA-VWR6-QP4Q-2WJ7 | XWiki Platform vulnerable to privilege escalation via async macro and IconThemeSheet from the user profile | critical |
2023-03-03T22:48:57
(18 months ago) |