Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jhipster generator-jhipster vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-24815
JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures. SQL Injection vulnerability in entities for applications generated with the option "reactive with Spring WebFlux" enabled and an SQL d...
Jhipster Generator-jhipster
1 Github repository
7.5
CVSSv3
CVE-2015-20110
JHipster generator-jhipster prior to 2.23.0 allows a timing attack against validateToken due to a string comparison that stops at the first character that is different. Attackers can guess tokens by brute forcing one character at a time and observing the timing. This of course dr...
Jhipster Jhipster
5.3
CVSSv3
CVE-2020-4072
In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts. As the email is provided by a user and the api is public this can be used by an malicious user to forge log entries. This is vulnerable to https://cwe.mitre.org/data/definition...
Jhipster Generator-jhipster-kotlin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started