VulnerableCode Package Details - pkg:maven/io.smallrye.config/smallrye-config@1.5.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/io.smallrye.config/smallrye-config@1.5.1

purl	pkg:maven/io.smallrye.config/smallrye-config@1.5.1

Next non-vulnerable version	1.6.2
Latest non-vulnerable version	1.6.2
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-vhk6-ks9x-1kes Aliases: CVE-2020-1729 GHSA-54fx-gm74-q676	Incorrect Authorization A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat from this vulnerability is a threat to data confidentiality. This is fixed in SmallRye 1.6.2	1.6.2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:43:10.679787+00:00	GitLab Importer	Affected by	VCID-vhk6-ks9x-1kes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.smallrye.config/smallrye-config/CVE-2020-1729.yml	38.4.0
2026-04-11T22:58:45.341109+00:00	GitLab Importer	Affected by	VCID-vhk6-ks9x-1kes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.smallrye.config/smallrye-config/CVE-2020-1729.yml	38.3.0
2026-04-02T23:07:31.606908+00:00	GitLab Importer	Affected by	VCID-vhk6-ks9x-1kes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.smallrye.config/smallrye-config/CVE-2020-1729.yml	38.1.0
2026-04-01T17:26:51.423236+00:00	GitLab Importer	Affected by	VCID-vhk6-ks9x-1kes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.smallrye.config/smallrye-config/CVE-2020-1729.yml	38.0.0