com.cronutils:cron-utils

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.cronutils:cron-utilspage 1 of 1

CVE-2020-26238HIGHCVSS 7.9EG 7.9✓ Fixed in 9.1.3
2020-11-25
vulnerable: 1.0.0 ... 9.1.2 (48 versions)
Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. This enables attackers to inject arbitra…
CVE-2021-41269CRITICALCVSS 10.0EG 10.0✓ Fixed in 9.1.6
2021-11-15
vulnerable: 1.0.0 ... 9.1.5 (50 versions)
cron-utils is a Java library to define, parse, validate, migrate crons as well as get human readable descriptions for them. In affected versions A template Injection was identified in cron-utils enabling attackers to inject arbitrary Java …

Check whether com.cronutils:cron-utils is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.cronutils:cron-utils CVEs against the assets you own.

Start Free Scan →