Search for packages
| purl | pkg:maven/org.clojure/clojure@1.9.0 |
| Next non-vulnerable version | 1.11.2 |
| Latest non-vulnerable version | 1.12.0-alpha9 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-w7w8-8pkp-zuff
Aliases: CVE-2024-22871 GHSA-vr64-r9qj-h27f |
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4thq-85c5-d7cs | In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects. |
CVE-2017-20189
GHSA-jgxc-8mwq-9xqw |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-12T19:21:52.777726+00:00 | GitLab Importer | Affected by | VCID-w7w8-8pkp-zuff | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.clojure/clojure/CVE-2024-22871.yml | 38.6.0 |
| 2026-06-12T15:47:56.585458+00:00 | GitLab Importer | Fixing | VCID-4thq-85c5-d7cs | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.clojure/clojure/CVE-2017-20189.yml | 38.6.0 |
| 2026-06-12T07:41:12.861807+00:00 | GithubOSV Importer | Fixing | VCID-4thq-85c5-d7cs | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-jgxc-8mwq-9xqw/GHSA-jgxc-8mwq-9xqw.json | 38.6.0 |
| 2026-06-11T20:33:38.861031+00:00 | GHSA Importer | Fixing | VCID-4thq-85c5-d7cs | https://github.com/advisories/GHSA-jgxc-8mwq-9xqw | 38.6.0 |