Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Jooby Security Vulnerabilities

cve
cve

CVE-2019-15477

Jooby before 1.6.4 has XSS via the default error handler.

6.1CVSS

5.9AI Score

0.001EPSS

2019-08-23 01:15 PM
26
cve
cve

CVE-2020-7622

This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused for HTTP Response Splitting.

9.8CVSS

9.4AI Score

0.007EPSS

2020-04-06 03:15 PM
53
cve
cve

CVE-2020-7647

All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors.

5.3CVSS

5.1AI Score

0.002EPSS

2020-05-11 08:15 PM
59