Known Vulnerabilities for Pluto by Apache
Listed below are 7 of the newest known vulnerabilities associated with "Pluto" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36739 | The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross... | 6.1 - MEDIUM | 2022-01-06 | 2022-01-12 |
| CVE-2021-36738 | The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting ... | 6.1 - MEDIUM | 2022-01-06 | 2022-01-12 |
| CVE-2021-36737 | The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrat... | 6.1 - MEDIUM | 2022-01-06 | 2022-01-12 |
| CVE-2021-29425 | In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../f... | 4.8 - MEDIUM | 2021-04-13 | 2023-11-07 |
| CVE-2020-15250 | In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerabi... | 5.5 - MEDIUM | 2020-10-12 | 2023-11-07 |
| CVE-2019-0186 | The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) at... | 6.1 - MEDIUM | 2019-04-26 | 2023-11-07 |
| CVE-2018-1306 | The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attack... | 7.5 - HIGH | 2018-06-27 | 2019-03-01 |