xmvn (SUSE:Linux Enterprise Module for Development Tools 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Development Tools 15 SP4 package xmvn, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2021-42550 — CVSS 6.6 (medium): In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious…
CVE-2023-46122 — CVSS 3.9 (low): sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file…