io.pebbletemplates:pebble (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package io.pebbletemplates:pebble, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-37767 — CVSS 9.8 (critical): Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the…
CVE-2025-1686 — CVSS 6.8 (medium): Versions of the package io.pebbletemplates:pebble from 0 and before 4.1.0 are vulnerable to External Control of File Name or Path via the…
CVE-2025-27137 — CVSS 4.4 (medium): Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain…