Maven Package Vulnerabilities

All 3,043 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,793 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 651.com.alipay.sofa:hessian2 CVEs
  2. 652.com.amazonaws:aws-encryption-sdk-java2 CVEs
  3. 653.com.amazonaws:codedeploy2 CVEs
  4. 654.com.apica:ApicaLoadtest2 CVEs
  5. 655.com.barchart.jenkins:maven-release-cascade2 CVEs
  6. 656.com.blazemeter.plugins:BlazeMeterJenkinsPlugin2 CVEs
  7. 657.com.bstek.ureport:ureport2-console2 CVEs
  8. 658.com.cedarpolicy:cedar-java2 CVEs
  9. 659.com.charleskorn.kaml:kaml2 CVEs
  10. 660.com.compuware.jenkins:compuware-ispw-operations2 CVEs
  11. 661.com.compuware.jenkins:compuware-scm-downloader2 CVEs
  12. 662.com.compuware.jenkins:compuware-topaz-utilities2 CVEs
  13. 663.com.compuware.jenkins:compuware-xpediter-code-coverage2 CVEs
  14. 664.com.cronutils:cron-utils2 CVEs
  15. 665.com.drewnoakes:metadata-extractor2 CVEs
  16. 666.com.erudika:para-core2 CVEs
  17. 667.com.erudika:para-server2 CVEs
  18. 668.com.esotericsoftware.yamlbeans:yamlbeans2 CVEs
  19. 669.com.fasterxml.jackson.core:jackson-core2 CVEs
  20. 670.com.fasterxml.jackson.dataformat:jackson-dataformat-xml2 CVEs
  21. 671.com.gitblit:gitblit2 CVEs
  22. 672.com.github.liuyueyi.media:batik-codec-fix2 CVEs
  23. 673.com.github.psi-probe:psi-probe-core2 CVEs
  24. 674.com.googlecode.wicket-jquery-ui:wicket-jquery-ui-parent2 CVEs
  25. 675.com.google.oauth-client:google-oauth-client2 CVEs
  26. 676.com.google.protobuf:protobuf-kotlin-lite2 CVEs
  27. 677.com.inflectra.spiratest.plugins:inflectra-spira-integration2 CVEs
  28. 678.com.itextpdf:itextpdf2 CVEs
  29. 679.com.liferay:com.liferay.adaptive.media.web2 CVEs
  30. 680.com.liferay:com.liferay.asset.taglib2 CVEs
  31. 681.com.liferay:com.liferay.document.library.web2 CVEs
  32. 682.com.liferay:com.liferay.frontend.js.web2 CVEs
  33. 683.com.liferay:com.liferay.frontend.taglib2 CVEs
  34. 684.com.liferay:com.liferay.journal.web2 CVEs
  35. 685.com.liferay:com.liferay.layout.impl2 CVEs
  36. 686.com.liferay:com.liferay.layout.taglib2 CVEs
  37. 687.com.liferay:com.liferay.object.web2 CVEs
  38. 688.com.liferay:com.liferay.organizations.item.selector.web2 CVEs
  39. 689.com.liferay:com.liferay.portal.security.ldap.impl2 CVEs
  40. 690.com.liferay:com.liferay.portal.workflow.kaleo.designer.web2 CVEs
  41. 691.com.liferay:com.liferay.portal.workflow.kaleo.forms.web2 CVEs
  42. 692.com.liferay:com.liferay.server.admin.web2 CVEs
  43. 693.com.liferay:com.liferay.site.admin.web2 CVEs
  44. 694.com.liferay:com.liferay.translation.web2 CVEs
  45. 695.com.liferay.portal:com.liferay.util.java2 CVEs
  46. 696.com.liferay.portal:portal-impl2 CVEs
  47. 697.com.liferay.portal:portal-service2 CVEs
  48. 698.com.meowlomo.jenkins:scm-httpclient2 CVEs
  49. 699.commons-io:commons-io2 CVEs
  50. 700.com.nepxion:discovery2 CVEs

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →