io.goobi.viewer:viewer-core
Maven4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting io.goobi.viewer:viewer-corepage 1 of 1
- CVE-2023-29014MEDIUMCVSS 6.1EG 6.1✓ Fixed in 23.032023-04-06
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID…
- CVE-2023-29015MEDIUMCVSS 6.1EG 6.1✓ Fixed in 23.032023-04-06
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An att…
- CVE-2023-29016MEDIUMCVSS 6.1EG 6.1✓ Fixed in 23.032023-04-06
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker c…
- CVE-2026-45083CRITICALCVSS 9.8EG 9.82026-05-27
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression f…
Check whether io.goobi.viewer:viewer-core is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for io.goobi.viewer:viewer-core CVEs against the assets you own.
Start Free Scan →