Eclipse Memory Analyzer — known CVE vulnerabilities
Every CVE whose affected-product data names Eclipse Memory Analyzer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-17634 — CVSS 9.0 (critical): Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report…
CVE-2019-17635 — CVSS 7.8 (high): Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is…
CVE-2023-6194 — CVSS 2.8 (low): In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition (DTD)…