Known Vulnerabilities for Maven by Apache
Listed below are 3 of the newest known vulnerabilities associated with "Maven" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-13502 json | A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4... | Not Provided | 2026-06-28 | 2026-06-29 |
| CVE-2026-9563 json | In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum ... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-7860 json | A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the f... | Not Provided | 2026-05-19 | 2026-05-21 |
| CVE-2026-5952 json | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2021-37714 json | jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may ... | 7.5 - HIGH | 2021-08-18 | 2023-11-07 |
| CVE-2021-26291 json | Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising... | 9.1 - CRITICAL | 2021-04-23 | 2023-11-07 |
| CVE-2013-0253 json | Not Provided | 2013-04-09 | 2026-04-29 |