Maven Package Vulnerabilities
All 3,051 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,817 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1,201.co.fs2:fs2-io_0.271 CVE
- 1,202.co.fs2:fs2-io_2.111 CVE
- 1,203.co.fs2:fs2-io_2.12.0-M41 CVE
- 1,204.co.fs2:fs2-io_2.12.0-M51 CVE
- 1,205.co.fs2:fs2-io_2.12.0-RC11 CVE
- 1,206.co.fs2:fs2-io_2.12.0-RC21 CVE
- 1,207.co.fs2:fs2-io_2.13.0-M51 CVE
- 1,208.co.fs2:fs2-io_sjs1_2.131 CVE
- 1,209.co.fs2:fs2-io_sjs1_31 CVE
- 1,210.com.adobe.cq:core.wcm.components.core1 CVE
- 1,211.com.adobe.xmp:xmpcore1 CVE
- 1,212.com.aerospike:aerospike-client1 CVE
- 1,213.com.alibaba:hessian-lite1 CVE
- 1,214.com.alibaba.nacos:nacos-client1 CVE
- 1,215.com.alibaba.nacos:nacos-spring-context1 CVE
- 1,216.com.alibaba.oneagent:one-java-agent-plugin1 CVE
- 1,217.com.alipay.sofa.acts:acts-common-util1 CVE
- 1,218.com.alipay.sofa:rpc-sofa-boot-starter1 CVE
- 1,219.com.amazonaws:aws-android-sdk-mobile-client1 CVE
- 1,220.com.amazonaws:aws-codebuild1 CVE
- 1,221.com.amazonaws:aws-codepipeline1 CVE
- 1,222.com.amazonaws:aws-java-sdk-s31 CVE
- 1,223.com.amazon.ion:ion-java1 CVE
- 1,224.com.anrisoftware.globalpom:globalpomutils1 CVE
- 1,225.com.applatix.jenkins:applatix1 CVE
- 1,226.com.arcadedb:arcadedb-server1 CVE
- 1,227.com.atlassian.connect:atlassian-connect-spring-boot1 CVE
- 1,228.com.atlassian.connect:atlassian-connect-spring-boot-starter1 CVE
- 1,229.com.axis.jenkins.plugins.eiffel:eiffel-broadcaster1 CVE
- 1,230.com.axis.system.jenkins.plugins.downstream:yet-another-build-visualizer1 CVE
- 1,231.com.azure:azure-core-amqp1 CVE
- 1,232.com.azure:azure-identity1 CVE
- 1,233.com.azure:azure-security-keyvault-keys1 CVE
- 1,234.com.azure:azure-storage-blob1 CVE
- 1,235.com.baidu.mapp:brcc-core1 CVE
- 1,236.com.baomidou:dynamic-datasource-spring1 CVE
- 1,237.com.baomidou:mybatis-plus1 CVE
- 1,238.com.bmuschko:gradle-vagrant-plugin1 CVE
- 1,239.com.brianfromoregon:caliper-ci1 CVE
- 1,240.com.browserup:browserup-proxy1 CVE
- 1,241.com.bstek.uflo:uflo-core1 CVE
- 1,242.com.catalogic.ecxjenkins:catalogic-ecx1 CVE
- 1,243.com.caverock:androidsvg1 CVE
- 1,244.com.cedarsoftware:json-io1 CVE
- 1,245.com.clever-cloud:biscuit-java1 CVE
- 1,246.com.clickhouse:clickhouse-client1 CVE
- 1,247.com.clickhouse:clickhouse-jdbc1 CVE
- 1,248.com.clickhouse:clickhouse-r2dbc1 CVE
- 1,249.com.cloudbees.jenkins.plugins:kubernetes-credentials-provider1 CVE
- 1,250.com.cloudbees.jenkins.plugins:xpdev1 CVE
Which Maven packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →