Maven Package Vulnerabilities

All 3,041 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,785 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 151.org.apache.karaf:apache-karaf7 CVEs
  2. 152.org.apache.mina:mina-core7 CVEs
  3. 153.org.apache.poi:poi7 CVEs
  4. 154.org.apache.syncope:syncope-core7 CVEs
  5. 155.org.jboss.resteasy:resteasy-client7 CVEs
  6. 156.org.jeecgframework.boot:jeecg-boot-base7 CVEs
  7. 157.org.jenkins-ci.plugins:artifactory7 CVEs
  8. 158.org.jenkins-ci.plugins:credentials-binding7 CVEs
  9. 159.org.jenkins-ci.plugins:htmlpublisher7 CVEs
  10. 160.org.jenkins-ci.plugins:jobConfigHistory7 CVEs
  11. 161.org.jenkins-ci.plugins:mercurial7 CVEs
  12. 162.org.jenkins-ci.plugins:openshift-deployer7 CVEs
  13. 163.org.jenkins-ci.plugins:rundeck7 CVEs
  14. 164.org.jruby:jruby-stdlib7 CVEs
  15. 165.org.opencastproject:opencast-kernel7 CVEs
  16. 166.org.opensearch.plugin:opensearch-security7 CVEs
  17. 167.org.owasp.antisamy:antisamy7 CVEs
  18. 168.org.springframework.cloud:spring-cloud-config-server7 CVEs
  19. 169.org.webjars:bootstrap7 CVEs
  20. 170.org.webjars.npm:jquery-ui7 CVEs
  21. 171.tech.powerjob:powerjob7 CVEs
  22. 172.axis:axis6 CVEs
  23. 173.cn.hutool:hutool-json6 CVEs
  24. 174.com.datapipe.jenkins.plugins:hashicorp-vault-plugin6 CVEs
  25. 175.com.google.protobuf:protobuf-java6 CVEs
  26. 176.com.jflyfox:jflyfox_jfinal6 CVEs
  27. 177.com.liferay.portal:com.liferay.portal.kernel6 CVEs
  28. 178.com.nimbusds:nimbus-jose-jwt6 CVEs
  29. 179.com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger6 CVEs
  30. 180.com.vaadin:vaadin-server6 CVEs
  31. 181.com.xebialabs.deployit.ci:deployit-plugin6 CVEs
  32. 182.com.xuxueli:xxl-job-core6 CVEs
  33. 183.gov.nsa.emissary:emissary6 CVEs
  34. 184.hudson.plugins:project-inheritance6 CVEs
  35. 185.log4j:log4j6 CVEs
  36. 186.net.snowflake:snowflake-jdbc6 CVEs
  37. 187.org.apache.httpcomponents:httpclient6 CVEs
  38. 188.org.apache.ignite:ignite-core6 CVEs
  39. 189.org.apache.kylin:kylin-core-common6 CVEs
  40. 190.org.apache.mesos:mesos6 CVEs
  41. 191.org.apache.pulsar:pulsar-broker6 CVEs
  42. 192.org.apache.shenyu:shenyu-common6 CVEs
  43. 193.org.apache.solr:solr-parent6 CVEs
  44. 194.org.apache.storm:storm-core6 CVEs
  45. 195.org.apache.streampipes:streampipes-parent6 CVEs
  46. 196.org.apache.struts:struts2-rest-plugin6 CVEs
  47. 197.org.apache.struts:struts-core6 CVEs
  48. 198.org.apache.tika:tika6 CVEs
  49. 199.org.apache.tomcat:tomcat-util6 CVEs
  50. 200.org.apache.zeppelin:zeppelin-server6 CVEs

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →