Dropwizard Dropwizard Validation — known CVE vulnerabilities
Every CVE whose affected-product data names Dropwizard Dropwizard Validation, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-11002 — CVSS 8.0 (high): dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote code execution vulnerability. A server-side template injection was…
CVE-2020-5245 — CVSS 7.9 (high): Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard…