Maven Package Vulnerabilities
All 3,051 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,816 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 851.org.apache.nifi:nifi-standard-processors2 CVEs
- 852.org.apache.nifi:nifi-web-ui2 CVEs
- 853.org.apache.parquet:parquet-avro2 CVEs
- 854.org.apache.pdfbox:pdfbox-parent2 CVEs
- 855.org.apache.pinot:pinot2 CVEs
- 856.org.apache.pinot:pinot-controller2 CVEs
- 857.org.apache.poi:poi-scratchpad2 CVEs
- 858.org.apache.polaris:polaris-core2 CVEs
- 859.org.apache.polaris:polaris-runtime-service2 CVEs
- 860.org.apache.portals.jetspeed-2:jetspeed-commons2 CVEs
- 861.org.apache.qpid:proton-j2 CVEs
- 862.org.apache.rocketmq:rocketmq-broker2 CVEs
- 863.org.apache.rocketmq:rocketmq-namesrv2 CVEs
- 864.org.apache.sanselan:sanselan2 CVEs
- 865.org.apache.seata:seata-config-core2 CVEs
- 866.org.apache.shardingsphere:shardingsphere2 CVEs
- 867.org.apache.shiro:shiro-root2 CVEs
- 868.org.apache.sling:org.apache.sling.auth.core2 CVEs
- 869.org.apache.solr:solr-solrj2 CVEs
- 870.org.apache.spark:spark-core_2.122 CVEs
- 871.org.apache.spark:spark-core_2.132 CVEs
- 872.org.apache.spark:spark-parent_2.122 CVEs
- 873.org.apache.storm:storm-client2 CVEs
- 874.org.apache.submarine:submarine-server-core2 CVEs
- 875.org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui2 CVEs
- 876.org.apache.syncope.client.idrepo:syncope-client-idrepo-console2 CVEs
- 877.org.apache.syncope.core:syncope-core-spring2 CVEs
- 878.org.apache.tika:tika-parser-pdf-module2 CVEs
- 879.org.apache.tiles:tiles-core2 CVEs
- 880.org.apache.tomcat.embed:tomcat-embed-jasper2 CVEs
- 881.org.apache.tomcat.embed:tomcat-embed-websocket2 CVEs
- 882.org.apache.tomcat:tomcat-coyote-ffm2 CVEs
- 883.org.apache.tomcat:tomcat-websocket2 CVEs
- 884.org.apache.uima:uimaj-core2 CVEs
- 885.org.apache.wicket:wicket-parent2 CVEs
- 886.org.apache.wss4j:wss4j-ws-security-dom2 CVEs
- 887.org.apache.zeppelin:zeppelin-jdbc2 CVEs
- 888.org.apache.zeppelin:zeppelin-web2 CVEs
- 889.org.apereo.cas:cas-management-webapp-support2 CVEs
- 890.org.bouncycastle:bcpkix-jdk15on2 CVEs
- 891.org.bouncycastle:bcpkix-jdk15to182 CVEs
- 892.org.bouncycastle:bcprov-debug-jdk142 CVEs
- 893.org.bouncycastle:bcprov-debug-jdk15to182 CVEs
- 894.org.bouncycastle:bcprov-debug-jdk18on2 CVEs
- 895.org.bouncycastle:bcprov-ext-jdk142 CVEs
- 896.org.bouncycastle:bcprov-ext-jdk15to182 CVEs
- 897.org.bouncycastle:bcprov-ext-jdk18on2 CVEs
- 898.org.clojure:clojure2 CVEs
- 899.org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin2 CVEs
- 900.org.codehaus.jackson:jackson-mapper-asl2 CVEs
Which Maven packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →