Severity Critical High Medium Low Informational Vulnerability Categories Broken Link Exploit Issue Tracking Mailing List Mitigation Not Applicable Patch Permissions Required Press Media Coverage Product Release Notes Technical Description Third Party Advisory Tool Signature URL Repurposed US Government Resource VDB Entry Vendor Advisory Vulnerability Name CVE CWE CWE Severity CVE-2007-5613 Vulnerability in maven package org.mortbay.jetty:jetty CWE-79 CWE-79 Critical CVE-2007-5614 Vulnerability in maven package org.mortbay.jetty:jetty Critical CVE-2009-0217 Vulnerability in maven package org.apache.santuario:xmlsec Critical CVE-2009-2625 Vulnerability in maven package xerces:xercesimpl Critical CVE-2011-1498 Vulnerability in maven package org.apache.httpcomponents:httpclient CWE-200 CWE-200 Critical CVE-2011-3389 Vulnerability in npm package faye CWE-326 CWE-326 Critical CVE-2011-4461 Vulnerability in maven package org.eclipse.jetty.aggregate:jetty-all CWE-310 CWE-310 Medium CVE-2011-4461 Vulnerability in maven package org.eclipse.jetty.aggregate:jetty-all-server CWE-310 CWE-310 Medium CVE-2011-4461 Vulnerability in maven package org.eclipse.jetty.aggregate:jetty-plus CWE-310 CWE-310 Medium CVE-2011-4461 Vulnerability in maven package org.eclipse.jetty.aggregate:jetty-servlet CWE-310 CWE-310 Medium CVE-2011-4461 Vulnerability in maven package org.eclipse.jetty.aggregate:jetty-webapp CWE-310 CWE-310 Medium CVE-2011-4461 Vulnerability in maven package org.eclipse.jetty:jetty-server CWE-310 CWE-310 Medium CVE-2011-4461 Vulnerability in maven package org.mortbay.jetty:jetty CWE-310 CWE-310 Medium CVE-2011-4838 Vulnerability in maven package com.sun.grizzly:jruby CWE-400 CWE-400 Critical CVE-2011-4838 Vulnerability in maven package jruby:jruby CWE-400 CWE-400 Critical CVE-2011-4838 Vulnerability in maven package org.jruby:jruby CWE-400 CWE-400 Critical CVE-2011-4838 Vulnerability in maven package org.jruby:jruby-core CWE-400 CWE-400 Critical CVE-2011-4838 Vulnerability in maven package org.jruby:jruby-stdlib CWE-400 CWE-400 Critical CVE-2011-4858 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core CWE-399 CWE-399 Critical CVE-2011-4858 Vulnerability in maven package org.apache.tomcat:catalina CWE-399 CWE-399 Critical CVE-2011-4858 Vulnerability in maven package org.apache.tomcat:tomcat-catalina CWE-399 CWE-399 Critical CVE-2011-4858 Vulnerability in maven package tomcat:catalina CWE-399 CWE-399 Critical CVE-2011-5034 Vulnerability in maven package geronimo:geronimo-tomcat CWE-20 CWE-20 Critical CVE-2011-5034 Vulnerability in maven package org.apache.geronimo.modules:geronimo-tomcat6 CWE-20 CWE-20 Critical CVE-2011-5034 Vulnerability in maven package org.apache.geronimo:geronimo-tomcat CWE-20 CWE-20 Critical CVE-2013-1571 Vulnerability in maven package org.apache.tomcat:catalina Critical CVE-2013-3827 Vulnerability in maven package com.sun.faces:jsf-impl Critical CVE-2014-0107 Vulnerability in maven package xalan:xalan CWE-264 CWE-264 Critical CVE-2014-0363 Vulnerability in maven package org.igniterealtime.smack:smack-core CWE-295 CWE-295 Critical CVE-2014-0364 Vulnerability in maven package org.igniterealtime.smack:smack CWE-345 CWE-345 Critical CVE-2015-2912 Vulnerability in maven package com.orientechnologies:orientdb-core CWE-352 CWE-352 Critical CVE-2015-2912 Vulnerability in maven package com.orientechnologies:orientdb-server CWE-352 CWE-352 Critical CVE-2015-2913 Vulnerability in maven package com.orientechnologies:orientdb-server CWE-200 CWE-200 Medium CVE-2015-2918 Vulnerability in maven package com.orientechnologies:orientdb-studio CWE-20 CWE-20 High CVE-2016-5388 Vulnerability in maven package org.apache.tomcat:tomcat CWE-284 CWE-284 Critical CVE-2016-5388 Vulnerability in maven package org.apache.tomcat:tomcat-catalina CWE-284 CWE-284 Critical CVE-2016-9487 Vulnerability in maven package org.idpf:epubcheck CWE-611 CWE-611 High CVE-2017-3199 Vulnerability in maven package org.graniteds:granite-generator CWE-502 CWE-502 Critical CVE-2017-3200 Vulnerability in maven package org.graniteds:granite-generator CWE-502 CWE-502 Critical CVE-2017-3202 Vulnerability in maven package com.exadel.flamingo.flex:amf-serializer CWE-502 CWE-502 Critical CVE-2017-3203 Vulnerability in maven package org.springframework.flex:spring-flex-core CWE-502 CWE-502 Critical CVE-2017-3208 Vulnerability in maven package com.exadel.flamingo.flex:amf-serializer CWE-611 CWE-611 Critical CVE-2017-5638 Vulnerability in maven package org.apache.struts:struts2-core CWE-755 CWE-755 Critical CVE-2017-5641 Vulnerability in maven package com.adobe.blazeds:flex-messaging-core CWE-502 CWE-502 Critical CVE-2017-5641 Vulnerability in maven package org.apache.flex.blazeds:blazeds CWE-502 CWE-502 Critical CVE-2017-5641 Vulnerability in maven package org.apache.flex.blazeds:flex-messaging-core CWE-502 CWE-502 Critical CVE-2017-9805 Vulnerability in maven package org.apache.struts:struts2-core CWE-502 CWE-502 Critical CVE-2017-11429 Vulnerability in npm package saml2-js CWE-287 CWE-287 Critical CVE-2017-13098 Vulnerability in maven package com.madgag.spongycastle:bctls-jdk15on CWE-203 CWE-203 Medium CVE-2017-13098 Vulnerability in maven package org.bouncycastle:bctls-jdk15on CWE-203 CWE-203 Medium CVE-2017-16197 Vulnerability in npm package qinserve CWE-22 CWE-22 High CVE-2018-5382 Vulnerability in maven package org.bouncycastle:bcprov-jdk14 CWE-354 CWE-354 Medium CVE-2018-5382 Vulnerability in maven package org.bouncycastle:bcprov-jdk15 CWE-354 CWE-354 Medium CVE-2018-5382 Vulnerability in maven package org.bouncycastle:bcprov-jdk15on CWE-354 CWE-354 Medium CVE-2018-5382 Vulnerability in maven package org.bouncycastle:bcprov-jdk16 CWE-354 CWE-354 Medium CVE-2018-11307 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind CWE-502 CWE-502 Critical CVE-2019-9512 Vulnerability in maven package io.netty:netty-codec-http2 CWE-400 CWE-400 High CVE-2019-9514 Vulnerability in maven package io.netty:netty-codec-http2 CWE-770 CWE-770 High CVE-2019-9515 Vulnerability in maven package io.netty:netty-codec-http2 CWE-770 CWE-770 High CVE-2019-9518 Vulnerability in maven package io.netty:netty-codec-http2 CWE-770 CWE-770 High CVE-2021-44228 Vulnerability in maven package org.apache.logging.log4j:log4j-core CWE-20 CWE-20 Critical CVE-2021-45046 Vulnerability in maven package org.apache.logging.log4j:log4j-core CWE-917 CWE-917 Critical CVE-2021-45105 Vulnerability in maven package org.apache.logging.log4j:log4j-core CWE-20 CWE-20 Medium CVE-2023-44487 Vulnerability in maven package io.helidon.http:helidon-http-http2 High CVE-2023-44487 Vulnerability in maven package io.netty:netty-codec-http2 High CVE-2023-44487 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core High CVE-2023-44487 Vulnerability in maven package org.apache.tomcat:tomcat-coyote High CVE-2023-44487 Vulnerability in maven package org.eclipse.jetty.http2:http2-common High
