Maven Package Vulnerabilities

All 3,051 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,817 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 1,201.co.fs2:fs2-io_0.271 CVE
  2. 1,202.co.fs2:fs2-io_2.111 CVE
  3. 1,203.co.fs2:fs2-io_2.12.0-M41 CVE
  4. 1,204.co.fs2:fs2-io_2.12.0-M51 CVE
  5. 1,205.co.fs2:fs2-io_2.12.0-RC11 CVE
  6. 1,206.co.fs2:fs2-io_2.12.0-RC21 CVE
  7. 1,207.co.fs2:fs2-io_2.13.0-M51 CVE
  8. 1,208.co.fs2:fs2-io_sjs1_2.131 CVE
  9. 1,209.co.fs2:fs2-io_sjs1_31 CVE
  10. 1,210.com.adobe.cq:core.wcm.components.core1 CVE
  11. 1,211.com.adobe.xmp:xmpcore1 CVE
  12. 1,212.com.aerospike:aerospike-client1 CVE
  13. 1,213.com.alibaba:hessian-lite1 CVE
  14. 1,214.com.alibaba.nacos:nacos-client1 CVE
  15. 1,215.com.alibaba.nacos:nacos-spring-context1 CVE
  16. 1,216.com.alibaba.oneagent:one-java-agent-plugin1 CVE
  17. 1,217.com.alipay.sofa.acts:acts-common-util1 CVE
  18. 1,218.com.alipay.sofa:rpc-sofa-boot-starter1 CVE
  19. 1,219.com.amazonaws:aws-android-sdk-mobile-client1 CVE
  20. 1,220.com.amazonaws:aws-codebuild1 CVE
  21. 1,221.com.amazonaws:aws-codepipeline1 CVE
  22. 1,222.com.amazonaws:aws-java-sdk-s31 CVE
  23. 1,223.com.amazon.ion:ion-java1 CVE
  24. 1,224.com.anrisoftware.globalpom:globalpomutils1 CVE
  25. 1,225.com.applatix.jenkins:applatix1 CVE
  26. 1,226.com.arcadedb:arcadedb-server1 CVE
  27. 1,227.com.atlassian.connect:atlassian-connect-spring-boot1 CVE
  28. 1,228.com.atlassian.connect:atlassian-connect-spring-boot-starter1 CVE
  29. 1,229.com.axis.jenkins.plugins.eiffel:eiffel-broadcaster1 CVE
  30. 1,230.com.axis.system.jenkins.plugins.downstream:yet-another-build-visualizer1 CVE
  31. 1,231.com.azure:azure-core-amqp1 CVE
  32. 1,232.com.azure:azure-identity1 CVE
  33. 1,233.com.azure:azure-security-keyvault-keys1 CVE
  34. 1,234.com.azure:azure-storage-blob1 CVE
  35. 1,235.com.baidu.mapp:brcc-core1 CVE
  36. 1,236.com.baomidou:dynamic-datasource-spring1 CVE
  37. 1,237.com.baomidou:mybatis-plus1 CVE
  38. 1,238.com.bmuschko:gradle-vagrant-plugin1 CVE
  39. 1,239.com.brianfromoregon:caliper-ci1 CVE
  40. 1,240.com.browserup:browserup-proxy1 CVE
  41. 1,241.com.bstek.uflo:uflo-core1 CVE
  42. 1,242.com.catalogic.ecxjenkins:catalogic-ecx1 CVE
  43. 1,243.com.caverock:androidsvg1 CVE
  44. 1,244.com.cedarsoftware:json-io1 CVE
  45. 1,245.com.clever-cloud:biscuit-java1 CVE
  46. 1,246.com.clickhouse:clickhouse-client1 CVE
  47. 1,247.com.clickhouse:clickhouse-jdbc1 CVE
  48. 1,248.com.clickhouse:clickhouse-r2dbc1 CVE
  49. 1,249.com.cloudbees.jenkins.plugins:kubernetes-credentials-provider1 CVE
  50. 1,250.com.cloudbees.jenkins.plugins:xpdev1 CVE

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →