Maven package
org.grails/grails-core
pkg:maven/org.grails/grails-core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-12728 | — | < 3.3.10 | 3.3.10 | Jun 4, 2019 | Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP. | ||
| CVE-2018-1000529 | — | < 3.3.6 | 3.3.6 | Jun 26, 2018 | Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8. |
- CVE-2019-12728Jun 4, 2019affected < 3.3.10fixed 3.3.10
Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP.
- CVE-2018-1000529Jun 26, 2018affected < 3.3.6fixed 3.3.6
Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8.