Search CVE reports
1 – 3 of 3 results
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.
1 affected package
clojure
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| clojure | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.
1 affected package
clojure
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| clojure | Not affected | Not affected | Not affected | Needs evaluation |
lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 `authority-regex` allows an attacker to send malicious URLs to be parsed by the `lambdaisland/uri` and return the wrong authority. This...
1 affected package
lambdaisland-uri-clojure
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lambdaisland-uri-clojure | Needs evaluation | Needs evaluation | Not in release | Not in release |