Search for packages
| purl | pkg:maven/org.jooby/jooby@1.4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3eur-cn49-x3gu
Aliases: CVE-2019-15477 GHSA-f5f4-m7qp-w6gc |
Cross-site Scripting Jooby before has XSS via the default error handler. |
Affected by 2 other vulnerabilities. |
|
VCID-865h-rcm7-2yfz
Aliases: CVE-2020-7647 GHSA-px9h-x66r-8mpc |
Path Traversal Jooby is vulnerable to a Directory Traversal via two separate vectors. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-bckv-bydw-sqff
Aliases: CVE-2020-7622 GHSA-gv3v-92v6-m48j |
Improper Neutralization of CRLF Sequences in HTTP Headers in Jooby ('HTTP Response Splitting) This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused for HTTP Response Splitting. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:30:18.950700+00:00 | GitLab Importer | Affected by | VCID-865h-rcm7-2yfz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jooby/jooby/CVE-2020-7647.yml | 38.6.0 |
| 2026-06-04T20:29:14.246605+00:00 | GitLab Importer | Affected by | VCID-bckv-bydw-sqff | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jooby/jooby/CVE-2020-7622.yml | 38.6.0 |
| 2026-06-04T20:24:15.359815+00:00 | GitLab Importer | Affected by | VCID-3eur-cn49-x3gu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jooby/jooby/CVE-2019-15477.yml | 38.6.0 |