Maven Package Vulnerabilities
All 3,052 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,829 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 2,001.org.apache.jackrabbit:jackrabbit1 CVE
- 2,002.org.apache.jackrabbit:jackrabbit-jcr-commons1 CVE
- 2,003.org.apache.jackrabbit:jackrabbit-spi-commons1 CVE
- 2,004.org.apache.jackrabbit:jackrabbit-standalone1 CVE
- 2,005.org.apache.jackrabbit:jackrabbit-standalone-components1 CVE
- 2,006.org.apache.jackrabbit:jackrabbit-webapp1 CVE
- 2,007.org.apache.jackrabbit:jackrabbit-webdav1 CVE
- 2,008.org.apache.jackrabbit:oak-core1 CVE
- 2,009.org.apache.james:apache-mime4j-core1 CVE
- 2,010.org.apache.james:apache-mime4j-storage1 CVE
- 2,011.org.apache.james.hupa:hupa-parent1 CVE
- 2,012.org.apache.james:james-project1 CVE
- 2,013.org.apache.james:james-server-jmap-draft1 CVE
- 2,014.org.apache.james:javax-mail-extension1 CVE
- 2,015.org.apache.james.protocols:protocols-imap1 CVE
- 2,016.org.apache.jena:jena-core1 CVE
- 2,017.org.apache.jena:jena-sdb1 CVE
- 2,018.org.apache.johnzon:johnzon-mapper1 CVE
- 2,019.org.apache.jspwiki:jspwiki-markdown1 CVE
- 2,020.org.apache.juddi:juddi-core1 CVE
- 2,021.org.apache.kafka:connect1 CVE
- 2,022.org.apache.kafka:kafka_2.8.01 CVE
- 2,023.org.apache.kafka:kafka_2.8.21 CVE
- 2,024.org.apache.kafka:kafka_2.9.11 CVE
- 2,025.org.apache.kafka:kafka_2.9.21 CVE
- 2,026.org.apache.kafka:kafka-metadata1 CVE
- 2,027.org.apache.karaf:cave1 CVE
- 2,028.org.apache.karaf.config:org.apache.karaf.config.core1 CVE
- 2,029.org.apache.karaf.decanter.collector:org.apache.karaf.decanter.collector.log.socket1 CVE
- 2,030.org.apache.karaf:karaf1 CVE
- 2,031.org.apache.karaf.specs:org.apache.karaf.specs.java.xml1 CVE
- 2,032.org.apache.kerby:ldap-backend1 CVE
- 2,033.org.apache.knox:gateway-provider-identity-assertion-common1 CVE
- 2,034.org.apache.knox:gateway-service-knoxsso1 CVE
- 2,035.org.apache.kylin:kylin-spark-project1 CVE
- 2,036.org.apache.kyuubi:kyuubi-server_2.121 CVE
- 2,037.org.apache.linkis:linkis-engineconn1 CVE
- 2,038.org.apache.linkis:linkis-engineplugin-spark1 CVE
- 2,039.org.apache.linkis:linkis-metadata1 CVE
- 2,040.org.apache.linkis:linkis-metadata-query-service-jdbc1 CVE
- 2,041.org.apache.livy:livy-server1 CVE
- 2,042.org.apache.logging.log4j:log4j-1.2-api1 CVE
- 2,043.org.apache.logging.log4j:log4j-layout-template-json1 CVE
- 2,044.org.apache.lucene:lucene-replicator1 CVE
- 2,045.org.apache.maven:maven-compat1 CVE
- 2,046.org.apache.maven:maven-core1 CVE
- 2,047.org.apache.maven.plugins:maven-archetype-plugin1 CVE
- 2,048.org.apache.maven.shared:maven-shared-utils1 CVE
- 2,049.org.apache.myfaces.shared:myfaces-shared-core1 CVE
- 2,050.org.apache.myfaces.trinidad:trinidad1 CVE
Which Maven packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →