pkg:Maven/org.xwiki.commons:xwiki-commons-velocity

2 total CVEsCRITICAL1HIGH1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2024-31996XWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
    >= 3.0.1, < 14.10.19
  • HIGH7.5CVE-2022-24897Arbitrary filesystem write access from velocity.
    >= 2.3.0, < 12.6.7