Maven vulnerabilities | Corgea Advisories

MEDIUM 6.1

Maven

CVE-2020-13932

Cross-site Scripting (XSS) in Apache ActiveMQ Artemis

Feb 9, 2022

HIGH 8.0

Maven

CVE-2026-53441

Jenkins: Stored XSS vulnerability in node offline cause description

Jun 10, 2026

UNKNOWN

Maven

CVE-2026-48006

Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Jun 11, 2026

UNKNOWN

Maven

CVE-2026-48059

Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion

Jun 11, 2026

HIGH 8.1

Maven

CVE-2026-41731

In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization

Jun 10, 2026

MEDIUM 6.5

Maven

CVE-2026-41726

In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

Jun 10, 2026

UNKNOWN

Maven

GHSA-ch3q-cw5r-f4hg

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

Jun 12, 2026

UNKNOWN

Maven

GHSA-vc8p-8pxg-rfwg

ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing

Jun 12, 2026

MEDIUM 5.3

Maven

CVE-2023-45648

Apache Tomcat Improper Input Validation vulnerability

Oct 10, 2023

MEDIUM 5.3

Maven

CVE-2023-42795

Apache Tomcat Incomplete Cleanup vulnerability

Oct 10, 2023

CRITICAL 9.1

Maven

CVE-2025-66614

Apache Tomcat - Client certificate verification bypass

Feb 17, 2026

MEDIUM 4.0

Maven

CVE-2026-45536

Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

Jun 8, 2026

HIGH 7.5

Maven

CVE-2026-45416

Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Jun 8, 2026

MEDIUM 6.8

Maven

CVE-2026-45673

Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Jun 8, 2026

HIGH 7.5

Maven

CVE-2026-44893

Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length

Jun 8, 2026

HIGH 7.5

Maven

CVE-2026-44894

Netty's Default QUIC token handler accepts any client-supplied token

Jun 8, 2026

HIGH 7.5

Maven

CVE-2026-46340

Netty: SCTP reassembly nests buffers without bound

Jun 8, 2026

MEDIUM 5.3

Maven

CVE-2026-47244

Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced

Jun 8, 2026

HIGH 8.7

Maven

CVE-2026-45674

Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Jun 8, 2026

HIGH 8.7

Maven

CVE-2026-47691

Netty has Insufficient Bailiwick Validation for NS Records

Jun 8, 2026

MEDIUM 5.3

Maven

CVE-2026-48043

netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion

Jun 11, 2026

HIGH 7.5

Maven

CVE-2026-44892

Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size

Jun 8, 2026

HIGH 7.5

Maven

CVE-2026-44250

Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays

Jun 8, 2026

HIGH 7.5

Maven

CVE-2026-44890

Netty has Unbounded Direct Memory Consumption in its RedisDecoder

Jun 8, 2026

HIGH 8.1

Maven

CVE-2026-44249

Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking

Jun 8, 2026

HIGH 8.1

Maven

GHSA-j9gf-vw2f-9hrw

Appsmith: Configuration-dependent origin validation bypass in password reset and email verification link generation

Jun 12, 2026

HIGH 8.1

Maven

GHSA-9wcp-79g5-5c3c

Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators

Jun 12, 2026

MEDIUM 6.5

Maven

CVE-2025-58175

GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution

Jun 12, 2026

HIGH 7.2

Maven

CVE-2025-52465

GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

Jun 12, 2026

HIGH 7.2

Maven

CVE-2025-27511

GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection

Jun 11, 2026

MEDIUM 6.4

Maven

CVE-2026-9087

Keycloak: Insufficient verification proof scoping enables identity provider account linking attack and account compromise

May 20, 2026

CRITICAL 9.1

Maven

CVE-2026-40982

Spring Cloud Config vulnerable to Path Traversal

May 7, 2026

HIGH 7.5

Maven

CVE-2026-40981

Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

May 7, 2026

HIGH 7.5

Maven

CVE-2020-13935

Infinite Loop in Apache Tomcat

Feb 8, 2022

HIGH 7.5

Maven

CVE-2020-11996

Uncontrolled Resource Consumption in Apache Tomcat

Feb 9, 2022

MEDIUM 4.3

Maven

CVE-2026-42568

Yamcs Vulnerable to LDAP Injection in LdapAuthModule

May 26, 2026

UNKNOWN

Maven

CVE-2026-48040

netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access

Jun 11, 2026

HIGH 8.7

Maven

CVE-2026-28367

Undertow is Vulnerable to HTTP Request/Response Smuggling

Mar 27, 2026

MEDIUM 5.4

Maven

CVE-2026-8922

Keycloak: Revoked Tokens Can Remain Active When Both Realm-Level and Client-Level `notBefore` Revocation Policies are Configured

May 19, 2026

MEDIUM 4.3

Maven

CVE-2026-8830

Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation

May 19, 2026

HIGH 8.7

Maven

CVE-2026-28369

Undertow is Vulnerable to HTTP Request/Response Smuggling

Mar 27, 2026

HIGH 8.7

Maven

CVE-2026-28368

Undertow is Vulnerable to HTTP Request/Response Smuggling

Mar 27, 2026

MEDIUM 5.4

Maven

CVE-2026-7500

Keycloak has a Forced Browsing issue

Apr 30, 2026

HIGH 7.5

Maven

CVE-2025-53114

Acknowledgement extension out of memory

Jun 10, 2026

MEDIUM 6.1

Maven

CVE-2026-34237

MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)

Mar 30, 2026

MEDIUM 5.5

Maven

CVE-2026-45581

fabric-chaincode-java: TLS Private Key Password Disclosed in INFO Startup Logs in Chaincode-as-a-Service Mode

May 19, 2026

HIGH 8.3

Maven

CVE-2026-46481

OpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular users

May 21, 2026

HIGH 8.8

Maven KEV

CVE-2022-33891

Apache Spark UI can allow impersonation if ACLs enabled

Jul 19, 2022

HIGH 8.8

Maven

CVE-2023-32007

Apache Spark UI vulnerable to Command Injection

May 2, 2023

HIGH 7.5

Maven

CVE-2022-43766

Apache IoTDB subject to ReDOS with Java 8

Oct 26, 2022

MEDIUM 5.3

Maven

CVE-2026-0707

Keycloak has Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Jan 8, 2026

HIGH 7.4

Maven

CVE-2026-45300

async-http-client: Cookie header not stripped on cross-origin redirect

May 18, 2026

UNKNOWN

Maven

CVE-2026-41207

netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures

May 26, 2026

CRITICAL 9.8

Maven

CVE-2026-33728

dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution

Mar 26, 2026

HIGH 7.2

Maven

CVE-2026-45609

Spring AI MCP Security: Unvalidated URL Fetching (SSRF)

May 18, 2026

MEDIUM 6.6

Maven

CVE-2021-44832

Improper Input Validation and Injection in Apache Log4j2

Jan 4, 2022

LOW 3.7

Maven

CVE-2020-9488

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender

Jun 5, 2020

CRITICAL 9.8

Maven

CVE-2024-55875

http4k has a potential XXE (XML External Entity Injection) vulnerability

Dec 12, 2024

HIGH 8.6

Maven

CVE-2021-45105

Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion

Dec 18, 2021

CRITICAL 9.8

Maven

CVE-2019-17571

Deserialization of Untrusted Data in Log4j

Jan 6, 2020

Know every threat before it ships

Cross-site Scripting (XSS) in Apache ActiveMQ Artemis

Jenkins: Stored XSS vulnerability in node offline cause description

Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion

In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization

In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing

Apache Tomcat Improper Input Validation vulnerability

Apache Tomcat Incomplete Cleanup vulnerability

Apache Tomcat - Client certificate verification bypass

Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length

Netty's Default QUIC token handler accepts any client-supplied token

Netty: SCTP reassembly nests buffers without bound

Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced

Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Netty has Insufficient Bailiwick Validation for NS Records

netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion

Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size

Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays

Netty has Unbounded Direct Memory Consumption in its RedisDecoder

Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking

Appsmith: Configuration-dependent origin validation bypass in password reset and email verification link generation

Appsmith Super User Creation Race Condition Allows Multiple Instance Administrators

GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution

GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection

Keycloak: Insufficient verification proof scoping enables identity provider account linking attack and account compromise

Spring Cloud Config vulnerable to Path Traversal

Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

Infinite Loop in Apache Tomcat

Uncontrolled Resource Consumption in Apache Tomcat

Yamcs Vulnerable to LDAP Injection in LdapAuthModule

netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access

Undertow is Vulnerable to HTTP Request/Response Smuggling

Keycloak: Revoked Tokens Can Remain Active When Both Realm-Level and Client-Level `notBefore` Revocation Policies are Configured

Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation

Undertow is Vulnerable to HTTP Request/Response Smuggling

Undertow is Vulnerable to HTTP Request/Response Smuggling

Keycloak has a Forced Browsing issue

Acknowledgement extension out of memory

MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)

fabric-chaincode-java: TLS Private Key Password Disclosed in INFO Startup Logs in Chaincode-as-a-Service Mode

OpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular users

Apache Spark UI can allow impersonation if ACLs enabled

Apache Spark UI vulnerable to Command Injection

Apache IoTDB subject to ReDOS with Java 8

Keycloak has Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

async-http-client: Cookie header not stripped on cross-origin redirect

netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures

dd-trace-java: Unsafe deserialization in RMI instrumentation may lead to remote code execution

Spring AI MCP Security: Unvalidated URL Fetching (SSRF)

Improper Input Validation and Injection in Apache Log4j2

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender

http4k has a potential XXE (XML External Entity Injection) vulnerability

Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion

Deserialization of Untrusted Data in Log4j

Start Securing