pkg:maven/net.bull.javamelody/javamelody-core
Type
maven
Namespace
net.bull.javamelody
Name
javamelody-core
Known advisories, vulnerabilities and fixes for net.bull.javamelody/javamelody-core package.
Critical
2
Moderate
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 1.74.0 |
CVE-2018-15531
|
 MAVEN:GHSA-6FVX-R7HX-3VH6
|
JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java. | critical |
2018-10-17T18:28:00
(6 years ago) |
|
| Fixed | = 1.74.0 |
CVE-2018-15531
|
MAVEN:GHSA-6FVX-R7HX-3VH6
|
JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java. | critical |
2018-10-17T18:28:00
(6 years ago) |
|
| Affected | < 1.61.0 |
CVE-2016-1000273
|
MAVEN:GHSA-CQHR-JQVC-QW9P
|
Java Melody vulnerable to cross-site scripting | critical |
2022-07-20T01:36:35
(2 years ago) |
|
| Fixed | = 1.61.0 |
CVE-2016-1000273
|
MAVEN:GHSA-CQHR-JQVC-QW9P
|
Java Melody vulnerable to cross-site scripting | critical |
2022-07-20T01:36:35
(2 years ago) |
|
| Affected | <= 1.60.0 |
CVE-2018-12432
|
MAVEN:GHSA-G66Q-GRXC-64J3
|
Cross-site Scripting in JavaMelody | moderate |
2022-05-14T03:10:57
(2 years ago) |
|
| Fixed | = 1.61.0 |
CVE-2018-12432
|
MAVEN:GHSA-G66Q-GRXC-64J3
|
Cross-site Scripting in JavaMelody | moderate |
2022-05-14T03:10:57
(2 years ago) |
|
| Affected | < 1.46.0 |
CVE-2013-4378
|
MAVEN:GHSA-P4MX-P49M-8RW4
|
Improper Neutralization of Input During Web Page Generation in JavaMelody | moderate |
2022-05-17T05:02:46
(2 years ago) |
|
| Fixed | = 1.46.0 |
CVE-2013-4378
|
MAVEN:GHSA-P4MX-P49M-8RW4
|
Improper Neutralization of Input During Web Page Generation in JavaMelody | moderate |
2022-05-17T05:02:46
(2 years ago) |