Maven Package Vulnerabilities

All 3,043 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,793 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 701.com.ning:async-http-client2 CVEs
  2. 702.com.okta.sdk:okta-sdk-root2 CVEs
  3. 703.com.openmake:deployhub2 CVEs
  4. 704.com.openshift.jenkins:openshift-pipeline2 CVEs
  5. 705.com.opensymphony:xwork2 CVEs
  6. 706.com.orientechnologies:orientdb-studio2 CVEs
  7. 707.com.paul8620.jenkins.plugins:pipeline-aggregator-view2 CVEs
  8. 708.com.powsybl:powsybl-commons2 CVEs
  9. 709.com.puppycrawl.tools:checkstyle2 CVEs
  10. 710.com.qualys.plugins:qualys-pc2 CVEs
  11. 711.com.qualys.plugins:qualys-was2 CVEs
  12. 712.com.rabbitmq:amqp-client2 CVEs
  13. 713.com.redgate.plugins.redgatesqlci:redgate-sql-ci2 CVEs
  14. 714.com.softwaremill.akka-http-session:core_2.122 CVEs
  15. 715.com.sonyericsson.hudson.plugins.rebuild:rebuild2 CVEs
  16. 716.com.sparkjava:spark-core2 CVEs
  17. 717.com.squareup.okhttp3:okhttp2 CVEs
  18. 718.com.squareup.retrofit2:retrofit2 CVEs
  19. 719.com.squareup.wire:wire-runtime2 CVEs
  20. 720.com.typesafe.akka:akka-http-core2 CVEs
  21. 721.com.typesafe.akka:akka-http-core_2.132 CVEs
  22. 722.com.typesafe.play:play_2.132 CVEs
  23. 723.com.typesafe.play:play-java2 CVEs
  24. 724.com.veracode.jenkins:veracode-scan2 CVEs
  25. 725.com.xebialabs.xlt.ci:xltestview-plugin2 CVEs
  26. 726.com.xuxueli:xxl-rpc-core2 CVEs
  27. 727.com.xuxueli:xxl-sso2 CVEs
  28. 728.com.xwiki.confluencepro:application-confluence-migrator-pro-ui2 CVEs
  29. 729.com.zintow:dingding-json-pusher2 CVEs
  30. 730.de.einsundeins.jenkins.plugins.failedjobdeactivator:failedJobDeactivator2 CVEs
  31. 731.dev.dsf:dsf-bpe-server2 CVEs
  32. 732.dev.sigstore:sigstore-java2 CVEs
  33. 733.de.wellnerbou.jenkins:git-changelog2 CVEs
  34. 734.dom4j:dom4j2 CVEs
  35. 735.eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin2 CVEs
  36. 736.hudson.plugins.octopusdeploy:octopusdeploy2 CVEs
  37. 737.io.airlift:aircompressor2 CVEs
  38. 738.io.alauda.jenkins.plugins:alauda-kubernetes-support2 CVEs
  39. 739.io.apiman:apiman-manager-api-rest-impl2 CVEs
  40. 740.io.dataease:common2 CVEs
  41. 741.io.dropwizard:dropwizard-validation2 CVEs
  42. 742.io.fabric8:kubernetes-client2 CVEs
  43. 743.io.github.talelin:lin-cms-core2 CVEs
  44. 744.io.gravitee.apim:gravitee-api-management2 CVEs
  45. 745.io.jenkins.blueocean:blueocean-parent2 CVEs
  46. 746.io.jenkins.plugins:agent-server-parameter2 CVEs
  47. 747.io.jenkins.plugins:autonomiq2 CVEs
  48. 748.io.jenkins.plugins:benchmark-evaluator2 CVEs
  49. 749.io.jenkins.plugins:byteguard-build-actions2 CVEs
  50. 750.io.jenkins.plugins:chaos-monkey2 CVEs

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →