Known Vulnerabilities for Velocity Engine by Apache
Listed below are 1 of the newest known vulnerabilities associated with "Velocity Engine" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-13936 | An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with t... | 8.8 - HIGH | 2021-03-10 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Velocity Engine | 2.3 | All | All | All |
| Application | Apache | Velocity Engine | 2.2 | All | All | All |
| Application | Apache | Velocity Engine | 2.1 | All | All | All |
| Application | Apache | Velocity Engine | 2.0 | All | All | All |
| Application | Apache | Velocity Engine | 1.7 | All | All | All |
| Application | Apache | Velocity Engine | 1.6.2 | All | All | All |
| Application | Apache | Velocity Engine | 1.6.1 | All | All | All |
| Application | Apache | Velocity Engine | 1.6 | All | All | All |
| Application | Apache | Velocity Engine | 1.5 | All | All | All |
| Application | Apache | Velocity Engine | 1.4 | All | All | All |