Skip to main content

Pluto

4 CVEs product

Monthly

CVE-2024-45597 MEDIUM PATCH This Month

Pluto is a superset of Lua 5.4 with a focus on general-purpose programming. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Pluto
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-15250 Maven MEDIUM POC PATCH This Month

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Java Information Disclosure Junit4 Debian Linux Pluto +1
NVD GitHub
CVSS 3.1
5.5
EPSS
1.7%
CVE-2019-0186 Maven MEDIUM POC PATCH THREAT This Month

The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Apache Pluto
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
20.6%
CVE-2018-1306 Maven HIGH POC PATCH THREAT This Week

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Apache Information Disclosure Pluto
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
43.9%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Pluto is a superset of Lua 5.4 with a focus on general-purpose programming. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Pluto
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC PATCH This Month

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Java Information Disclosure Junit4 +3
NVD GitHub
EPSS 21% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Apache Pluto
NVD Exploit-DB
EPSS 44% CVSS 7.5
HIGH POC PATCH THREAT This Week

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Apache Information Disclosure +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy