Maven Package Vulnerabilities

All 3,042 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,788 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 501.org.apache.kylin:kylin-common-server3 CVEs
  2. 502.org.apache.myfaces.core:myfaces-core-module3 CVEs
  3. 503.org.apache.neethi:neethi3 CVEs
  4. 504.org.apache.nifi:nifi-jms-processors3 CVEs
  5. 505.org.apache.olingo:odata-client-core3 CVEs
  6. 506.org.apache.oozie:oozie-core3 CVEs
  7. 507.org.apache.portals.jetspeed-2:jetspeed3 CVEs
  8. 508.org.apache.portals.pluto:pluto-portal3 CVEs
  9. 509.org.apache.pulsar:pulsar-proxy3 CVEs
  10. 510.org.apache.qpid:apache-qpid-broker-j3 CVEs
  11. 511.org.apache.shenyu:shenyu-admin3 CVEs
  12. 512.org.apache.shiro:shiro-spring3 CVEs
  13. 513.org.apache.sling:org.apache.sling.api3 CVEs
  14. 514.org.apache.sling:org.apache.sling.cms3 CVEs
  15. 515.org.apache.sling:org.apache.sling.xss3 CVEs
  16. 516.org.apache.sling:org.apache.sling.xss.compat3 CVEs
  17. 517.org.apache.sshd:sshd-common3 CVEs
  18. 518.org.apache.sshd:sshd-core3 CVEs
  19. 519.org.apache.struts:struts2-parent3 CVEs
  20. 520.org.apache.syncope:syncope3 CVEs
  21. 521.org.apache.tomcat:tomcat-jasper3 CVEs
  22. 522.org.apache.tomcat:tomcat-tribes3 CVEs
  23. 523.org.apache.unomi:unomi3 CVEs
  24. 524.org.apache.xmlrpc:xmlrpc3 CVEs
  25. 525.org.apache.zeppelin:zeppelin-interpreter3 CVEs
  26. 526.org.bitbucket.b_c:jose4j3 CVEs
  27. 527.org.bouncycastle:bcpkix-jdk18on3 CVEs
  28. 528.org.bouncycastle:bctls-fips3 CVEs
  29. 529.org.codehaus.groovy:groovy3 CVEs
  30. 530.org.codehaus.groovy:groovy-all3 CVEs
  31. 531.org.conjur.jenkins:conjur-credentials3 CVEs
  32. 532.org.craftercms:crafter-core3 CVEs
  33. 533.org.eclipse.jetty.http2:http2-common3 CVEs
  34. 534.org.eclipse.jetty:jetty-webapp3 CVEs
  35. 535.org.eclipse.jgit:org.eclipse.jgit3 CVEs
  36. 536.org.eclipse.lemminx:lemminx-parent3 CVEs
  37. 537.org.geoserver:gs-gwc3 CVEs
  38. 538.org.geoserver:gs-restconfig3 CVEs
  39. 539.org.glassfish:javax.faces3 CVEs
  40. 540.org.hibernate:hibernate-core3 CVEs
  41. 541.org.http4s:http4s-server_2.123 CVEs
  42. 542.org.jboss.resteasy:resteasy-jaxrs3 CVEs
  43. 543.org.jenkins-ci.plugins:anchore-container-scanner3 CVEs
  44. 544.org.jenkins-ci.plugins:ansible-tower3 CVEs
  45. 545.org.jenkins-ci.plugins:applitools-eyes3 CVEs
  46. 546.org.jenkins-ci.plugins:aqua-security-scanner3 CVEs
  47. 547.org.jenkins-ci.plugins:assembla-auth3 CVEs
  48. 548.org.jenkins-ci.plugins:audit2db3 CVEs
  49. 549.org.jenkins-ci.plugins:audit-trail3 CVEs
  50. 550.org.jenkins-ci.plugins:autocomplete-parameter3 CVEs

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →