pkg:maven/org.owasp.esapi/esapi
Type
maven
Namespace
org.owasp.esapi
Name
esapi
Known advisories, vulnerabilities and fixes for org.owasp.esapi/esapi package.
High
3
Moderate
3
Low
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | >= 2.0.0.0, <= 2.1.0.0 |
CVE-2013-5960
|
 MAVEN:GHSA-2G56-7JV7-WXXQ
|
Missing Cryptographic Step in OWASP Enterprise Security API for Java | moderate |
2022-05-14T01:37:06
(2 years ago) |
|
| Fixed | = 2.1.0.1 |
CVE-2013-5960
|
MAVEN:GHSA-2G56-7JV7-WXXQ
|
Missing Cryptographic Step in OWASP Enterprise Security API for Java | moderate |
2022-05-14T01:37:06
(2 years ago) |
|
| Affected | < 2.0GA |
CVE-2010-3300
|
MAVEN:GHSA-3GP6-HHFW-4GQX
|
Padding oracle attacks | moderate |
2021-08-13T15:22:24
(3 years ago) |
|
| Fixed | = 2.0GA |
CVE-2010-3300
|
MAVEN:GHSA-3GP6-HHFW-4GQX
|
Padding oracle attacks | moderate |
2021-08-13T15:22:24
(3 years ago) |
|
| Affected | < 2.5.2.0 |
MAVEN:GHSA-7C2Q-5QMR-V76Q
|
DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998 | high |
2023-10-27T21:55:44
(10 months ago) |
||
| Fixed | = 2.5.2.0 |
MAVEN:GHSA-7C2Q-5QMR-V76Q
|
DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998 | high |
2023-10-27T21:55:44
(10 months ago) |
||
| Affected | <= 2.2.3.1 |
CVE-2022-23457
|
MAVEN:GHSA-8M5H-HRQM-PXM2
|
Path traversal in the OWASP Enterprise Security API | high |
2022-04-27T21:09:43
(2 years ago) |
|
| Fixed | = 2.3.0.0 |
CVE-2022-23457
|
MAVEN:GHSA-8M5H-HRQM-PXM2
|
Path traversal in the OWASP Enterprise Security API | high |
2022-04-27T21:09:43
(2 years ago) |
|
| Affected | >= 2.0.0, < 2.1.0 |
CVE-2013-5679
|
MAVEN:GHSA-JCP9-796G-PV9P
|
Missing Cryptographic Step in OWASP Enterprise Security API for Java | low |
2022-05-17T03:56:06
(2 years ago) |
|
| Fixed | = 2.1.0 |
CVE-2013-5679
|
MAVEN:GHSA-JCP9-796G-PV9P
|
Missing Cryptographic Step in OWASP Enterprise Security API for Java | low |
2022-05-17T03:56:06
(2 years ago) |
|
| Affected | <= 2.2.3.1 |
CVE-2022-24891
|
MAVEN:GHSA-Q77Q-VX4Q-XX6Q
|
Cross-site Scripting in org.owasp.esapi:esapi | moderate |
2022-04-27T21:09:46
(2 years ago) |
|
| Fixed | = 2.3.0.0 |
CVE-2022-24891
|
MAVEN:GHSA-Q77Q-VX4Q-XX6Q
|
Cross-site Scripting in org.owasp.esapi:esapi | moderate |
2022-04-27T21:09:46
(2 years ago) |
|
| Affected | <= 2.5.3.0 |
MAVEN:GHSA-R68H-JHHJ-9JVM
|
Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year | high |
2023-11-27T17:25:46
(9 months ago) |