Apache Velocity Engine — known CVE vulnerabilities
Every CVE whose affected-product data names Apache Velocity Engine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2020-13936 — CVSS 8.8 (high): An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same…