com.expediagroup.dropwizard:dropwizard-resilience4j-bundle (>=3.0.0 <=3.1.0), com.expediagroup.dropwizard:dropwizard-template-config (=2.0.0) +151 more potentially affected by CVE-2020-11002 +1 more via io.dropwizard:dropwizard-validation (>=2.0.0 <=2.0.19)

io.dropwizard:dropwizard-validation MAVEN version =2.0.0, =3.0.0, =3.0.0, =4.0.0, =2.0.0, =2.3, =2.3, =clienthcnovehicle and more Source cves: CVE-2020-11002, CVE-2020-5245 Source advisory: OSV:GHSA-3MCP-9WR4-CJQF...

PT-2020-6653 · Unknown · Dropwizard-Validation

Name of the Vulnerable Software and Affected Versions: Dropwizard-Validation versions prior to 1.3.19 Dropwizard-Validation versions prior to 2.0.2 Description: The issue allows arbitrary code execution on the host system with the privileges of the Dropwizard service account by injecting arbitrar...