Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is...
9.8CVSS
9.4AI Score
0.005EPSS
Jodd HTTP v6.0.9 was discovered to contain multiple CLRF injection vulnerabilities via the components jodd.http.HttpRequest#set and `jodd.http.HttpRequest#send. These vulnerabilities allow attackers to execute Server-Side Request Forgery (SSRF) via a crafted TCP...
7.5CVSS
7.8AI Score
0.001EPSS