| admin-center |
CVE-2024-8176 |
HIGH |
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat |
3.2.3 |
| admin-center |
CVE-2025-22235 |
HIGH |
org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed |
3.2.3 |
| admin-center |
CVE-2025-27820 |
HIGH |
org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass |
3.2.3 |
| admin-center |
CVE-2025-29087 |
HIGH |
sqlite: Integer Overflow in SQLite concat_ws Function |
3.2.3 |
| admin-center |
CVE-2025-31498 |
HIGH |
c-ares: c-ares has a use-after-free in read_answers() |
3.2.3 |
| auth-service |
CVE-2024-10039 |
HIGH |
keycloak-core: mTLS passthrough |
3.2.3 |
| auth-service |
CVE-2024-8176 |
HIGH |
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat |
3.2.3 |
| auth-service |
CVE-2025-22235 |
HIGH |
org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed |
3.2.3 |
| auth-service |
CVE-2025-27820 |
HIGH |
org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass |
3.2.3 |
| auth-service |
CVE-2025-29087 |
HIGH |
sqlite: Integer Overflow in SQLite concat_ws Function |
3.2.3 |
| auth-service |
CVE-2025-31498 |
HIGH |
c-ares: c-ares has a use-after-free in read_answers() |
3.2.3 |
| console |
CVE-2024-8176 |
HIGH |
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat |
3.2.3 |
| console |
CVE-2025-22235 |
HIGH |
org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed |
3.2.3 |
| console |
CVE-2025-29087 |
HIGH |
sqlite: Integer Overflow in SQLite concat_ws Function |
3.2.3 |
| console |
CVE-2025-31498 |
HIGH |
c-ares: c-ares has a use-after-free in read_answers() |
3.2.3 |
| gateway |
CVE-2024-8176 |
HIGH |
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat |
3.2.3 |
| gateway |
CVE-2025-22235 |
HIGH |
org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed |
3.2.3 |
| gateway |
CVE-2025-27820 |
HIGH |
org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass |
3.2.3 |
| gateway |
CVE-2025-29087 |
HIGH |
sqlite: Integer Overflow in SQLite concat_ws Function |
3.2.3 |
| gateway |
CVE-2025-31498 |
HIGH |
c-ares: c-ares has a use-after-free in read_answers() |
3.2.3 |
| sso-service |
CVE-2024-10039 |
HIGH |
keycloak-core: mTLS passthrough |
3.2.3 |
| sso-service |
CVE-2024-10270 |
HIGH |
org.keycloak:keycloak-services: Keycloak Denial of Service |
3.2.3 |
| sso-service |
CVE-2024-10451 |
HIGH |
org.keycloak:keycloak-quarkus-server: Sensitive Data Exposure in Keycloak Build Process |
3.2.3 |
| sso-service |
CVE-2024-12397 |
HIGH |
io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling |
3.2.3 |
| sso-service |
CVE-2025-24970 |
HIGH |
io.netty:netty-handler: SslHandler doesn’t correctly validate packets which can lead to native crash when using native SSLEngine |
3.2.3 |
| ai-service |
CVE-2025-31115 |
HIGH |
xz: XZ has a heap-use-after-free bug in threaded .xz decoder |
3.2.3 |
| ai-service |
CVE-2025-43859 |
CRITICAL |
h11: h11 accepts some malformed Chunked-Encoding bodies |
3.2.3 |
| viewer |
CVE-2025-21587 |
HIGH |
openjdk: Better TLS connection support (Oracle CPU 2025-04) |
3.2.3 |
| viewer |
CVE-2025-23083 |
HIGH |
nodejs: Node.js Worker Thread Exposure via Diagnostics Channel |
3.2.3 |
| viewer |
CVE-2025-29087 |
HIGH |
sqlite: Integer Overflow in SQLite concat_ws Function |
3.2.3 |
| viewer |
CVE-2025-31115 |
HIGH |
xz: XZ has a heap-use-after-free bug in threaded .xz decoder |
3.2.3 |