org.dspace:dspace-jspui

Maven5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.dspace:dspace-jspuipage 1 of 1

CVE-2022-31189MEDIUMCVSS 5.3EG 5.3✓ Fixed in 6.4
2022-08-01
vulnerable: 4.0 ... 6.3 (33 versions)
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception (including st…
CVE-2022-31191HIGHCVSS 7.1EG 7.1✓ Fixed in 6.4
2022-08-01
vulnerable: 6.0, 6.1, 6.2, 6.3
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck "Did you mean" HTML escapes the data-spell attribute in the link, b…
CVE-2022-31192HIGHCVSS 7.1EG 7.1✓ Fixed in 6.4
2022-08-01
vulnerable: 6.0, 6.1, 6.2, 6.3
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored …
CVE-2022-31193HIGHCVSS 7.1EG 7.1✓ Fixed in 6.4
2022-08-01
vulnerable: 6.0, 6.1, 6.2, 6.3
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where …
CVE-2022-31194HIGHCVSS 8.2EG 8.2✓ Fixed in 6.4
2022-08-01
vulnerable: 6.0, 6.1, 6.2, 6.3
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest…

Check whether org.dspace:dspace-jspui is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.dspace:dspace-jspui CVEs against the assets you own.

Start Free Scan →