Vulnerability Directory
If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
High
Apache Spark
Apache Spark
Command Injection
>=3.2.0 <=3.2.1 >=3.1.1 <=3.1.3 <=3.0.3
Apr 9, 2025
Critical
Apache Camel
Apache Camel
Remote Code Execution
>=3.0.0 <=3.1.0 2.25.0 2.24.x 2.23.x 2.22.x
Apr 7, 2025
High
.NET
ASP.NET Core Runtime; Microsoft.AspNetCore.Identity
Weak Authentication
ASP.NET Core: >= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.13 >= 9.0.0 <= 9.0.2 Microsoft.AspNetCore.Identity: <= 2.3.0
Apr 4, 2025
High
.NET
.NET Runtime
Buffer Over-read
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.11 <= 9.0.0
Apr 4, 2025
High
.NET
.NET Runtime
Creation of Temporary File in Directory with Insecure Permissions
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.11 <= 9.0.0
Apr 4, 2025
High
.NET
.NET Runtime
Heap-based Buffer Overflow
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.11 <= 9.0.0
Apr 4, 2025
High
.NET
ASP.NET Core Runtime
Use After Free
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.8 >= 9.0.0-preview.1.24081.5 <= 9.0.0.RC.1
Apr 4, 2025
Critical
.NET
ASP.NET Core Runtime
Use After Free
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.6
Apr 4, 2025
Critical
Next.js
Next.js
Authorization Bypass
>=11.1.4 <12.3.5, >=13.0.0 <13.5.9, >=14.0.0 <14.2.25, >=15.0.0 <15.2.3
Mar 23, 2025
Medium
Apache Solr & Lucene
Apache Lucene
Remote Code Execution
>=4.4.0 <9.12.0
Mar 21, 2025
High
Spring
Spring Security
Authorization Bypass
<=5.6.12, >=5.7.0 <5.7.16, >=5.8.0 <5.8.18, >=6.0.0 <=6.0.16, >=6.1.0 <6.1.14, >=6.2.0 <6.2.10, >=6.3.0 <6.3.8, >=6.4.0 <6.4.4
Mar 20, 2025
No results found
Please enter a valid Vulnerability ID number or Technology name.