com.linecorp.armeria:armeria

Maven3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.linecorp.armeria:armeriapage 1 of 1

CVE-2019-16771MEDIUMCVSS 4.8EG 4.8✓ Fixed in 0.97.0
2019-12-06
vulnerable: 0.50.0 ... 0.96.0 (75 versions)
Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of a…
CVE-2021-43795HIGHCVSS 7.5EG 7.5✓ Fixed in 1.13.4
2021-12-02
vulnerable: 1.12.0, 1.13.0, 1.13.1, 1.13.2, 1.13.3
Armeria is an open source microservice framework. In affected versions an attacker can access an Armeria server's local file system beyond its restricted directory by sending an HTTP request whose path contains `%2F` (encoded `/`), such as…
CVE-2023-38493HIGHCVSS 7.5EG 7.5✓ Fixed in 1.24.3
2023-07-25
vulnerable: 0.10.0.Final ... 1.9.2 (220 versions)
Armeria is a microservice framework Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version…

Check whether com.linecorp.armeria:armeria is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.linecorp.armeria:armeria CVEs against the assets you own.

Start Free Scan →