GHSA-8m24-3cfx-9fjw: sp1 has insufficient observation of cumulative sum

GHSA-j857-2pwm-jjmm: Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

GHSA-7mr7-4f54-vcx5: HTTP Client uses incorrect token after refresh

GHSA-hfq9-hggm-c56q: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component `/sys/dict/queryTableData`. A patch was released in commit 0fc374.

**Package**

maven org.jeecgframework.boot:jeecg-boot-base-core (Maven)

**Affected versions**

<= 3.4.4

maven org.jeecgframework.boot:jeecg-module-system (Maven)

Headline

GHSA-6w89-c65w-jx2c: Jeecg-boot is vulnerable to SQL injection

Related news

ghsa: Latest News