Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:jooby:jooby:0.14.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-7647 |
All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors. Published: May 11, 2020; 4:15:12 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2020-7622 |
This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused for HTTP Response Splitting. Published: April 06, 2020; 11:15:12 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-15477 |
Jooby before 1.6.4 has XSS via the default error handler. Published: August 23, 2019; 9:15:10 AM -0400 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |