pkg:maven/net.bull.javamelody/javamelody-core
Type
maven
Namespace
net.bull.javamelody
Name
javamelody-core
Known advisories, vulnerabilities and fixes for net.bull.javamelody/javamelody-core package.
Critical
2
Moderate
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.74.0 |
CVE-2018-15531
|
MAVEN:GHSA-6FVX-R7HX-3VH6 | JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java. | critical |
2018-10-17T18:28:00
(6 years ago) |
|
Fixed | = 1.74.0 |
CVE-2018-15531
|
MAVEN:GHSA-6FVX-R7HX-3VH6 | JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java. | critical |
2018-10-17T18:28:00
(6 years ago) |
|
Affected | < 1.61.0 |
CVE-2016-1000273
|
MAVEN:GHSA-CQHR-JQVC-QW9P | Java Melody vulnerable to cross-site scripting | critical |
2022-07-20T01:36:35
(2 years ago) |
|
Fixed | = 1.61.0 |
CVE-2016-1000273
|
MAVEN:GHSA-CQHR-JQVC-QW9P | Java Melody vulnerable to cross-site scripting | critical |
2022-07-20T01:36:35
(2 years ago) |
|
Affected | <= 1.60.0 |
CVE-2018-12432
|
MAVEN:GHSA-G66Q-GRXC-64J3 | Cross-site Scripting in JavaMelody | moderate |
2022-05-14T03:10:57
(2 years ago) |
|
Fixed | = 1.61.0 |
CVE-2018-12432
|
MAVEN:GHSA-G66Q-GRXC-64J3 | Cross-site Scripting in JavaMelody | moderate |
2022-05-14T03:10:57
(2 years ago) |
|
Affected | < 1.46.0 |
CVE-2013-4378
|
MAVEN:GHSA-P4MX-P49M-8RW4 | Improper Neutralization of Input During Web Page Generation in JavaMelody | moderate |
2022-05-17T05:02:46
(2 years ago) |
|
Fixed | = 1.46.0 |
CVE-2013-4378
|
MAVEN:GHSA-P4MX-P49M-8RW4 | Improper Neutralization of Input During Web Page Generation in JavaMelody | moderate |
2022-05-17T05:02:46
(2 years ago) |