Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
User Impersonation
org.jenkins-ci.plugins:github-oauth [0.29, 0.31) Maven 06 Feb, 2019
  • M
Directory Traversal
org.jenkins-ci.main:jenkins-core [,2.138.2),[2.140, 2.146) Maven 23 Jan, 2019
  • H
Remote Code Execution
com.alibaba:fastjson [,1.2.25) Maven 23 Jan, 2019
  • L
Cryptographic Issues - Insufficient Entropy
org.apache.kafka:kafka-clients [2.1.0,2.1.1) Maven 22 Jan, 2019
  • H
Sandbox Bypass
org.jenkins-ci.plugins:script-security [,1.50) Maven 22 Jan, 2019
  • H
XML External Entity (XXE) Injection
org.springframework.integration:spring-integration-xml [5.1.0,5.1.2),[5.0.0,5.0.11),[,4.3.19) Maven 16 Jan, 2019
  • H
XML External Entity (XXE) Injection
org.springframework.integration:spring-integration-ws [5.1.0,5.1.2),[5.0.0,5.0.11),[,4.3.19) Maven 16 Jan, 2019
  • H
XML External Entity (XXE) Injection
org.springframework.ws:spring-xml [,2.4.4),[3.0.0,3.0.6) Maven 16 Jan, 2019
  • H
XML External Entity (XXE) Injection
org.springframework.ws:spring-ws-core [,2.4.4),[3.0.0,3.0.6) Maven 16 Jan, 2019
  • H
XML External Entity (XXE) Injection
org.springframework.batch:spring-batch-core [4.1.0,4.1.1),[4.0.0,4.0.2),[,3.0.10) Maven 16 Jan, 2019
  • M
Information Exposure
org.primefaces:primefaces [0,] Maven 14 Jan, 2019
  • M
Ephemeral User Record Creation
org.jenkins-ci.main:jenkins-core [,2.138.2),[2.140, 2.146) Maven 09 Jan, 2019
  • M
Arbitrary File Write
org.jenkins-ci.main:jenkins-core [,2.138.2),[2.140, 2.146) Maven 09 Jan, 2019
  • M
Session Fixation
org.jenkins-ci.main:jenkins-core [,2.138.2),[2.140, 2.146) Maven 09 Jan, 2019
  • L
Information Exposure
org.jenkins-ci.main:jenkins-core [,2.138.2),[2.140, 2.146) Maven 09 Jan, 2019
  • M
Cross-site Scripting (XSS)
org.jenkins-ci.main:jenkins-core [,2.138.2),[2.140, 2.146) Maven 09 Jan, 2019
  • H
XML External Entity (XXE) Injection
org.traccar:traccar [,4.2] Maven 09 Jan, 2019
  • M
XML External Entity (XXE) Injection
org.apache.karaf.specs:org.apache.karaf.specs.java.xml [,4.1.7),[4.2.0, 4.2.2) Maven 08 Jan, 2019
  • M
Remote Code Execution
com.hubspot.jinjava: jinjava [,2.4.6) Maven 06 Jan, 2019
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [2.0.0, 2.9.8) Maven 03 Jan, 2019
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [2.0.0, 2.9.8) Maven 03 Jan, 2019
  • H
Deserialization of Untrusted Data
com.fasterxml.jackson.core:jackson-databind [2.0.0, 2.9.8) Maven 03 Jan, 2019
  • M
Cross-site Scripting (XSS)
org.hswebframework.web:hsweb-system-workflow-local [,3.0.5) Maven 30 Dec, 2018
  • M
Cross-site Request Forgery (CSRF)
org.hswebframework.web:hsweb-system-oauth2-client-web [,3.0.5) Maven 30 Dec, 2018
  • M
Denial of Service (DoS)
org.apache.tika:tika-core [1.8,1.20) Maven 30 Dec, 2018
  • M
Insecure Randomness
com.github.penggle:kaptcha [0,] Maven 25 Dec, 2018
  • H
XML External Entity (XXE) Injection
net.runelite:http-service [0,] Maven 24 Dec, 2018
  • M
XML External Entity (XXE) Injection
org.openrefine:openrefine [0,] Maven 24 Dec, 2018
  • M
XML External Entity (XXE) Injection
com.github.binarywang:weixin-java-common [3.2.0,3.3.0) Maven 24 Dec, 2018
  • H
User Impersonation
org.apache.oozie:oozie-core [3.1.3, 5.0.1) Maven 24 Dec, 2018