Maven Package Vulnerabilities
All 3,051 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,816 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 801.org.alluxio:alluxio-parent2 CVEs
- 802.org.apache.activemq:activemq-jaas2 CVEs
- 803.org.apache.activemq:activemq-mqtt2 CVEs
- 804.org.apache.activemq:activemq-openwire-legacy2 CVEs
- 805.org.apache.activemq:apache-artemis2 CVEs
- 806.org.apache.activemq:artemis-core-client2 CVEs
- 807.org.apache.activemq:artemis-openwire-protocol2 CVEs
- 808.org.apache.avro:avro2 CVEs
- 809.org.apache.axis2.wso2:axis22 CVEs
- 810.org.apache.brooklyn:brooklyn2 CVEs
- 811.org.apache.camel:camel-coap2 CVEs
- 812.org.apache.camel:camel-infinispan2 CVEs
- 813.org.apache.camel:camel-mail2 CVEs
- 814.org.apache.camel:camel-support2 CVEs
- 815.org.apache.cocoon:cocoon2 CVEs
- 816.org.apache.commons:commons-email2 CVEs
- 817.org.apache.commons:commons-vfs22 CVEs
- 818.org.apache.continuum:continuum2 CVEs
- 819.org.apache.cxf:cxf-rt-transports-jms2 CVEs
- 820.org.apache.cxf.fediz:fediz-jetty82 CVEs
- 821.org.apache.cxf.fediz:fediz-jetty92 CVEs
- 822.org.apache.cxf.fediz:fediz-spring32 CVEs
- 823.org.apache.dolphinscheduler:dolphinscheduler-common2 CVEs
- 824.org.apache.dolphinscheduler:dolphinscheduler-master2 CVEs
- 825.org.apache.druid:druid-core2 CVEs
- 826.org.apache.dubbo:dubbo-parent2 CVEs
- 827.org.apache.gobblin:gobblin-core2 CVEs
- 828.org.apache.guacamole:guacamole-common2 CVEs
- 829.org.apache.hbase:hbase2 CVEs
- 830.org.apache.helix:helix2 CVEs
- 831.org.apache.httpcomponents.client5:httpclient52 CVEs
- 832.org.apache.hugegraph:hugegraph-api2 CVEs
- 833.org.apache.inlong:manager-test2 CVEs
- 834.org.apache.iotdb:iotdb-grafana-connector2 CVEs
- 835.org.apache.iotdb:iotdb-parent2 CVEs
- 836.org.apache.iotdb:iotdb-server2 CVEs
- 837.org.apache.isis.core:isis-core2 CVEs
- 838.org.apache.jena:jena-fuseki2 CVEs
- 839.org.apache.juddi:juddi-client2 CVEs
- 840.org.apache.kafka:kafka_2.102 CVEs
- 841.org.apache.karaf.management:org.apache.karaf.management.server2 CVEs
- 842.org.apache.kylin:kylin-common-service2 CVEs
- 843.org.apache.kylin:kylin-core-metadata2 CVEs
- 844.org.apache.kylin:kylin-ops-server2 CVEs
- 845.org.apache.kylin:kylin-server2 CVEs
- 846.org.apache.logging.log4j:log4j2 CVEs
- 847.org.apache.myfaces.core:myfaces-impl2 CVEs
- 848.org.apache.nifi:nifi-dbcp-base2 CVEs
- 849.org.apache.nifi:nifi-framework-core2 CVEs
- 850.org.apache.nifi:nifi-hikari-dbcp-service2 CVEs
Which Maven packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →