Maven Package Vulnerabilities

All 3,042 Java / JVM artifacts with known CVEs, ranked by live CVE volume — 7,786 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 301.com.convertigo.jenkins.plugins:convertigo-mobile-platform4 CVEs
  2. 302.com.ctrip.framework.apollo:apollo4 CVEs
  3. 303.com.elasticbox.jenkins-ci.plugins:kubernetes-ci4 CVEs
  4. 304.com.google.protobuf:protobuf-javalite4 CVEs
  5. 305.com.h2database:h24 CVEs
  6. 306.com.hubspot.jinjava:jinjava4 CVEs
  7. 307.com.itextpdf:itext7-core4 CVEs
  8. 308.com.liferay:com.liferay.change.tracking.web4 CVEs
  9. 309.com.liferay:com.liferay.dynamic.data.mapping.form.field.type4 CVEs
  10. 310.com.liferay:com.liferay.frontend.taglib.clay4 CVEs
  11. 311.com.liferay:com.liferay.portal.vulcan.impl4 CVEs
  12. 312.com.rapid7:jenkinsci-appspider-plugin4 CVEs
  13. 313.com.surenpi.jenkins:phoenix-autotest4 CVEs
  14. 314.com.typesafe.akka:akka-http-core_2.114 CVEs
  15. 315.com.typesafe.akka:akka-http-core_2.124 CVEs
  16. 316.com.typesafe.play:play4 CVEs
  17. 317.com.typesafe.play:play_2.124 CVEs
  18. 318.io.goobi.viewer:viewer-core4 CVEs
  19. 319.io.hawt:project4 CVEs
  20. 320.io.jenkins.plugins:macstadium-orka4 CVEs
  21. 321.io.netty:netty-codec4 CVEs
  22. 322.io.openremote:openremote-manager4 CVEs
  23. 323.io.quarkus:quarkus-vertx-http4 CVEs
  24. 324.io.ratpack:ratpack-core4 CVEs
  25. 325.io.strimzi:strimzi4 CVEs
  26. 326.io.swagger:swagger-codegen4 CVEs
  27. 327.io.undertow:undertow-parent4 CVEs
  28. 328.net.minidev:json-smart4 CVEs
  29. 329.net.sf.mpxj:mpxj4 CVEs
  30. 330.org.apache.ant:ant4 CVEs
  31. 331.org.apache.any23:apache-any234 CVEs
  32. 332.org.apache.cxf:cxf-rt-frontend-jaxrs4 CVEs
  33. 333.org.apache.cxf.fediz:fediz-spring24 CVEs
  34. 334.org.apache.inlong:inlong4 CVEs
  35. 335.org.apache.jena:jena4 CVEs
  36. 336.org.apache.kafka:kafka4 CVEs
  37. 337.org.apache.kafka:kafka_2.114 CVEs
  38. 338.org.apache.kafka:kafka_2.124 CVEs
  39. 339.org.apache.kafka:kafka_2.134 CVEs
  40. 340.org.apache.linkis:linkis-datasource4 CVEs
  41. 341.org.apache.nifi:nifi-web-api4 CVEs
  42. 342.org.apache.opennlp:opennlp-tools4 CVEs
  43. 343.org.apache.pulsar:pulsar4 CVEs
  44. 344.org.apache.pulsar:pulsar-functions-worker4 CVEs
  45. 345.org.apache.qpid:qpid-broker4 CVEs
  46. 346.org.apache.shiro:shiro-web4 CVEs
  47. 347.org.apache.sling:org.apache.sling.servlets.post4 CVEs
  48. 348.org.apache.solr:solr4 CVEs
  49. 349.org.apache.storm:storm4 CVEs
  50. 350.org.apache.ws.security:wss4j4 CVEs

Which Maven packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →