Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Cross-site Scripting (XSS)
org.webjars.npm:primeng [0,] Maven 23 Jan, 2020
  • H
Reflected File Download (RFD)
org.springframework:spring-webflux [5.2.0, 5.2.3),[5.1.0, 5.1.13),[5.0.0, 5.0.16) Maven 22 Jan, 2020
  • H
Reflected File Download (RFD)
org.springframework:spring-webmvc [5.2.0, 5.2.3),[5.1.0, 5.1.13),[5.0.0, 5.0.16) Maven 22 Jan, 2020
  • M
Cross-Site Request Forgery (CSRF)
org.springframework:spring-webflux [5.2.0, 5.2.3) Maven 22 Jan, 2020
  • M
Cross-Site Request Forgery (CSRF)
org.springframework:spring-webmvc [5.2.0, 5.2.3) Maven 22 Jan, 2020
  • M
Credential Exposure
org.jenkins-ci.plugins:redgate-sql-ci [,2.0.5) Maven 20 Jan, 2020
  • H
XML External Entity (XXE) Injection
org.jenkins-ci.plugins:robot [,2.0.1) Maven 20 Jan, 2020
  • L
Cross-Site Request Forgery (CSRF)
org.jenkins-ci.plugins:ec2 [,1.48) Maven 20 Jan, 2020
  • M
Cross-Site Request Forgery (CSRF)
org.jenkins-ci.plugins:cloudbees-jenkins-advisor [,3.0.1) Maven 20 Jan, 2020
  • H
Cross-Site Request Forgery (CSRF)
org.jenkins-ci.plugins:sounds [0,] Maven 20 Jan, 2020
  • M
Cross-site Scripting (XSS)
org.jenkins-ci.plugins:gitlab-hook [0,] Maven 20 Jan, 2020
  • H
Deserialization of Untrusted Data
org.apache.xmlrpc:xmlrpc [3.1,) Maven 20 Jan, 2020
  • H
Deserialization of Untrusted Data
org.apache.xmlrpc:xmlrpc-client [3.1,) Maven 20 Jan, 2020
  • M
Cross-site Scripting (XSS)
org.apache.cxf:cxf-bundle [3.0.0-milestone2,] Maven 19 Jan, 2020
  • M
Cross-site Scripting (XSS)
org.apache.cxf:cxf-rt-transports-http [,3.2.12),[3.3.0, 3.3.5) Maven 19 Jan, 2020
  • M
Information Exposure
org.apache.cxf:cxf-rt-rs-security-jose [,3.2.12),[3.3.0, 3.3.5) Maven 19 Jan, 2020
  • L
Information Disclosure
org.webjars.bowergithub.jonschlinkert:kind-of [6.0.0, 6.0.3) Maven 19 Jan, 2020
  • L
Information Disclosure
org.webjars.npm:kind-of [6.0.0, 6.0.3) Maven 19 Jan, 2020
  • H
HTTP Request Smuggling
org.jboss.resteasy:resteasy-jaxrs [3.1.0.Beta1,3.5.0.CR1),[,3.0.25.Final) Maven 19 Jan, 2020
  • M
Denial of Service (DoS)
org.webjars.npm:node-sass [3.3.0,) Maven 19 Jan, 2020
  • M
Information Exposure
org.apache.kafka:kafka [2.0.0,2.0.2),[2.1.0,2.1.2),[2.3.0,2.3.1) Maven 15 Jan, 2020
  • M
Server-Side Request Forgery (SSRF)
org.apache.olingo:odata-client-core [,4.7.1) Maven 13 Jan, 2020
  • H
Arbitrary Code Injection
org.webjars.npm:hot-formula-parser [,3.0.1) Maven 10 Jan, 2020
  • M
Insufficient Signature Validation
com.itextpdf:sign [,7.1.5) Maven 09 Jan, 2020
  • M
Denial of Service (DoS)
com.itextpdf:kernel [,7.1.7) Maven 09 Jan, 2020
  • M
Cross-site Scripting (XSS)
org.apache.atlas:apache-atlas [,0.8.4),[1.0.0,1.2.0) Maven 09 Jan, 2020
  • M
Cross-site Scripting (XSS)
org.hibernate.validator:hibernate-validator [,6.1.0.Final) Maven 09 Jan, 2020
  • M
Missing Encryption
org.jenkins-ci.plugins:vmanager-plugin [,2.7.1) Maven 09 Jan, 2020
  • H
Sandbox Bypass
org.jenkins-ci.plugins:script-security [,1.68) Maven 09 Jan, 2020
  • H
Cross-site Scripting (XSS)
stroom:stroom-app [,5.5.12),[6.0.0,6.0.25) Maven 09 Jan, 2020