Severity Critical High Medium Low Informational Vulnerability Categories Broken Link Exploit Issue Tracking Mailing List Mitigation Not Applicable Patch Permissions Required Press Media Coverage Product Release Notes Technical Description Third Party Advisory Tool Signature URL Repurposed US Government Resource VDB Entry Vendor Advisory Vulnerability Name CVE CWE CWE Severity CVE-2017-5638 Vulnerability in maven package org.apache.struts:struts2-core CWE-20 CWE-20 Critical CVE-2021-21307 Vulnerability in maven package org.lucee:lucee CWE-862 CWE-862 Critical CVE-2021-28918 Vulnerability in npm package netmask CWE-704 CWE-704 Critical CVE-2023-44487 Vulnerability in maven package io.helidon.http:helidon-http-http2 CWE-400 CWE-400 High CVE-2023-44487 Vulnerability in maven package io.netty:netty-codec-http2 CWE-400 CWE-400 High CVE-2023-44487 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core CWE-400 CWE-400 High CVE-2023-44487 Vulnerability in maven package org.apache.tomcat:tomcat-coyote CWE-400 CWE-400 High CVE-2023-44487 Vulnerability in maven package org.eclipse.jetty.http2:http2-common CWE-400 CWE-400 High