Maven Package Vulnerabilities

All 3,053 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,831 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 2,101.org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol1 CVE
  2. 2,102.org.apache.qpid:qpid-client1 CVE
  3. 2,103.org.apache.qpid:qpid-jms-client1 CVE
  4. 2,104.org.apache.qpid:qpid-parent1 CVE
  5. 2,105.org.apache.ranger:ranger-hive-plugin1 CVE
  6. 2,106.org.apache.ranger:ranger-plugins-common1 CVE
  7. 2,107.org.apache.ranger:security-admin-web1 CVE
  8. 2,108.org.apache.rave:rave-core1 CVE
  9. 2,109.org.apache.rave:rave-portal-resources1 CVE
  10. 2,110.org.apache.rave:rave-web1 CVE
  11. 2,111.org.apache.rocketmq:rocketmq-all1 CVE
  12. 2,112.org.apache.rocketmq:rocketmq-controller1 CVE
  13. 2,113.org.apache.seata:seata-core1 CVE
  14. 2,114.org.apache.seata:seata-parent1 CVE
  15. 2,115.org.apache.seata:seata-serializer-fury1 CVE
  16. 2,116.org.apache.seatunnel:seatunnel1 CVE
  17. 2,117.org.apache.seatunnel:seatunnel-engine-common1 CVE
  18. 2,118.org.apache.seatunnel:seatunnel-engine-server1 CVE
  19. 2,119.org.apache.seatunnel:seatunnel-web1 CVE
  20. 2,120.org.apache.sentry:sentry1 CVE
  21. 2,121.org.apache.servicecomb:java-chassis1 CVE
  22. 2,122.org.apache.servicemix.bundles:org.apache.servicemix.bundles.collections-generic1 CVE
  23. 2,123.org.apache.servicemix.bundles:org.apache.servicemix.bundles.commons-collections1 CVE
  24. 2,124.org.apache.servicemix.bundles:org.apache.servicemix.bundles.commons-io1 CVE
  25. 2,125.org.apache.shardingsphere:shardingsphere-proxy1 CVE
  26. 2,126.org.apache.shenyu:shenyu1 CVE
  27. 2,127.org.apache.shenyu:shenyu-bootstrap1 CVE
  28. 2,128.org.apache.shindig:shindig-php1 CVE
  29. 2,129.org.apache.shiro:shiro-all1 CVE
  30. 2,130.org.apache.shiro:shiro-spring-boot-starter1 CVE
  31. 2,131.org.apache.sis.core:sis-metadata1 CVE
  32. 2,132.org.apache.skywalking:apm-webapp1 CVE
  33. 2,133.org.apache.skywalking:oap-server1 CVE
  34. 2,134.org.apache.skywalking:server-core1 CVE
  35. 2,135.org.apache.sling:org.apache.sling.commons.json1 CVE
  36. 2,136.org.apache.sling:org.apache.sling.commons.log1 CVE
  37. 2,137.org.apache.sling:org.apache.sling.commons.messaging.mail1 CVE
  38. 2,138.org.apache.sling:org.apache.sling.engine1 CVE
  39. 2,139.org.apache.sling:org.apache.sling.i18n1 CVE
  40. 2,140.org.apache.sling:org.apache.sling.jcr.base1 CVE
  41. 2,141.org.apache.sling:org.apache.sling.jcr.contentloader1 CVE
  42. 2,142.org.apache.sling:org.apache.sling.resourcemerger1 CVE
  43. 2,143.org.apache.sling:org.apache.sling.servlets.resolver1 CVE
  44. 2,144.org.apache.solr:solr-solrj-streaming1 CVE
  45. 2,145.org.apache.spark:spark-core1 CVE
  46. 2,146.org.apache.spark:spark-core_2.9.31 CVE
  47. 2,147.org.apache.spark:spark-hive-thriftserver_2.111 CVE
  48. 2,148.org.apache.spark:spark-hive-thriftserver_2.121 CVE
  49. 2,149.org.apache.spark:spark-network-common_2.121 CVE
  50. 2,150.org.apache.spark:spark-network-common_2.131 CVE

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →