Maven Package Vulnerabilities

All 3,052 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,829 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 2,001.org.apache.jackrabbit:jackrabbit1 CVE
  2. 2,002.org.apache.jackrabbit:jackrabbit-jcr-commons1 CVE
  3. 2,003.org.apache.jackrabbit:jackrabbit-spi-commons1 CVE
  4. 2,004.org.apache.jackrabbit:jackrabbit-standalone1 CVE
  5. 2,005.org.apache.jackrabbit:jackrabbit-standalone-components1 CVE
  6. 2,006.org.apache.jackrabbit:jackrabbit-webapp1 CVE
  7. 2,007.org.apache.jackrabbit:jackrabbit-webdav1 CVE
  8. 2,008.org.apache.jackrabbit:oak-core1 CVE
  9. 2,009.org.apache.james:apache-mime4j-core1 CVE
  10. 2,010.org.apache.james:apache-mime4j-storage1 CVE
  11. 2,011.org.apache.james.hupa:hupa-parent1 CVE
  12. 2,012.org.apache.james:james-project1 CVE
  13. 2,013.org.apache.james:james-server-jmap-draft1 CVE
  14. 2,014.org.apache.james:javax-mail-extension1 CVE
  15. 2,015.org.apache.james.protocols:protocols-imap1 CVE
  16. 2,016.org.apache.jena:jena-core1 CVE
  17. 2,017.org.apache.jena:jena-sdb1 CVE
  18. 2,018.org.apache.johnzon:johnzon-mapper1 CVE
  19. 2,019.org.apache.jspwiki:jspwiki-markdown1 CVE
  20. 2,020.org.apache.juddi:juddi-core1 CVE
  21. 2,021.org.apache.kafka:connect1 CVE
  22. 2,022.org.apache.kafka:kafka_2.8.01 CVE
  23. 2,023.org.apache.kafka:kafka_2.8.21 CVE
  24. 2,024.org.apache.kafka:kafka_2.9.11 CVE
  25. 2,025.org.apache.kafka:kafka_2.9.21 CVE
  26. 2,026.org.apache.kafka:kafka-metadata1 CVE
  27. 2,027.org.apache.karaf:cave1 CVE
  28. 2,028.org.apache.karaf.config:org.apache.karaf.config.core1 CVE
  29. 2,029.org.apache.karaf.decanter.collector:org.apache.karaf.decanter.collector.log.socket1 CVE
  30. 2,030.org.apache.karaf:karaf1 CVE
  31. 2,031.org.apache.karaf.specs:org.apache.karaf.specs.java.xml1 CVE
  32. 2,032.org.apache.kerby:ldap-backend1 CVE
  33. 2,033.org.apache.knox:gateway-provider-identity-assertion-common1 CVE
  34. 2,034.org.apache.knox:gateway-service-knoxsso1 CVE
  35. 2,035.org.apache.kylin:kylin-spark-project1 CVE
  36. 2,036.org.apache.kyuubi:kyuubi-server_2.121 CVE
  37. 2,037.org.apache.linkis:linkis-engineconn1 CVE
  38. 2,038.org.apache.linkis:linkis-engineplugin-spark1 CVE
  39. 2,039.org.apache.linkis:linkis-metadata1 CVE
  40. 2,040.org.apache.linkis:linkis-metadata-query-service-jdbc1 CVE
  41. 2,041.org.apache.livy:livy-server1 CVE
  42. 2,042.org.apache.logging.log4j:log4j-1.2-api1 CVE
  43. 2,043.org.apache.logging.log4j:log4j-layout-template-json1 CVE
  44. 2,044.org.apache.lucene:lucene-replicator1 CVE
  45. 2,045.org.apache.maven:maven-compat1 CVE
  46. 2,046.org.apache.maven:maven-core1 CVE
  47. 2,047.org.apache.maven.plugins:maven-archetype-plugin1 CVE
  48. 2,048.org.apache.maven.shared:maven-shared-utils1 CVE
  49. 2,049.org.apache.myfaces.shared:myfaces-shared-core1 CVE
  50. 2,050.org.apache.myfaces.trinidad:trinidad1 CVE

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →