Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jooby
(Jooby)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-11 | CVE-2020-7647 | All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors. | Jooby | 5.3 | ||
| 2020-04-06 | CVE-2020-7622 | This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused for HTTP Response Splitting. | Jooby | 9.8 | ||
| 2019-08-23 | CVE-2019-15477 | Jooby before 1.6.4 has XSS via the default error handler. | Jooby | 6.1 |