org.codehaus.groovy:groovy-all (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.codehaus.groovy:groovy-all, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2015-3253 — CVSS 9.8 (critical): The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary…
CVE-2016-6814 — CVSS 9.8 (critical): When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses…
CVE-2020-17521 — CVSS 5.5 (medium): Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those…