com.sparkjava:spark-core@2.0.0 vulnerabilities
-
latest version
2.9.4
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
2 years ago
-
licenses detected
- [1.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.sparkjava:spark-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.sparkjava:spark-core is a web framework for java. Affected versions of this package are vulnerable to Information Exposure. A remote attacker can read unintended static files via various epresentations of absolute or relative pathnames. NOTE: this product is unrelated to Ignite Realtime Spark. How to fix Information Exposure? Upgrade |
[,2.7.2)
|
com.sparkjava:spark-core is a web framework for java. Affected versions of this package are vulnerable to Directory Traversal. A remote attacker could use this flaw to read arbitrary files that are accessible to the user running the process. How to fix Directory Traversal? Upgrade |
[,2.7.2)
|
|
[,2.5.2)
|