Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
com.aliyun/actiontrail20200706 2.2.0 | Vul… | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
com.aliyun
actiontrail20200706
2.2.0
actiontrail20200706 2.2.0
com.aliyun
Published
Feb 21, 2024
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Recommended upgrade that meets your policy.
Compare Versions
Overview
Overview
Versions
9
Versions
9
Vulnerabilities
9
Vulnerabilities
9
Dependencies
6
Dependencies
6
Severity
Critical
(0)
High
(4)
Medium
(5)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
6.3
CVE-2025-8885
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java . This issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.
affected
Severity
Medium
Published
Aug 13, 2025
6.9
sonatype-2025-001911
bouncycastle - Use of Weak Hash
affected
Severity
Medium
Published
Jun 6, 2025
6.9
sonatype-2025-000535
github.com/sigstore/sigstore-java (gson) - Stack-based Buffer Overflow [CVE-2025-53864]
affected
Severity
Medium
Published
7.5
CVE-2024-29857
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
affected
Severity
High
5.5
CVE-2023-33202
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
affected
Severity
Medium
7.5
CVE-2023-3635
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.
affected
Severity
High
Published
Jul 13, 2023
7.5
CVE-2022-41404
An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
affected
Severity
High
Published
Oct 13, 2022
6.2
sonatype-2022-4262
okhttp - Information Disclosure [ CVE-2023-0833 ]
affected
Severity
Medium
Published
Jul 25, 2022
7.5
CVE-2021-0341
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069
affected
Severity
High
Published
Feb 13, 2025
Published
Apr 10, 2024
Published
Nov 24, 2023
Feb 9, 2021
