VulnerableCode Package Details - pkg:deb/debian/libhibernate-validator4-java@4.3.4-7?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-afkn-k8yk-w3dr	Improper Input Validation in Hibernate Validator A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.	CVE-2020-10693 GHSA-rmrm-75hp-phr2
VCID-d4z1-hdkt-r7g1	The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.	CVE-2019-10219 GHSA-m8p2-495h-ccmh

Vulnerability

Summary

Aliases

VCID-afkn-k8yk-w3dr

Improper Input Validation in Hibernate Validator A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.

CVE-2020-10693
GHSA-rmrm-75hp-phr2

VCID-d4z1-hdkt-r7g1

The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

CVE-2019-10219
GHSA-m8p2-495h-ccmh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:16:40.481433+00:00	Debian Importer	Fixing	VCID-d4z1-hdkt-r7g1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:49:14.280975+00:00	Debian Importer	Fixing	VCID-afkn-k8yk-w3dr	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:08:38.294351+00:00	Debian Importer	Fixing	VCID-d4z1-hdkt-r7g1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:19:29.339501+00:00	Debian Importer	Fixing	VCID-afkn-k8yk-w3dr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:28:53.025457+00:00	Debian Importer	Fixing	VCID-afkn-k8yk-w3dr	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:28:52.996053+00:00	Debian Importer	Fixing	VCID-d4z1-hdkt-r7g1	https://security-tracker.debian.org/tracker/data/json	38.1.0