VYPR

Micronaut Core

by Micronaut Projects

Source repositories

CVEs (7)

  • CVE-2026-44241HigMay 12, 2026
    risk 0.42cvss 7.5epss 0.00

    Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap<String, DateTimeFormatter>…

  • CVE-2026-44242LowMay 12, 2026
    risk 0.17cvss 3.7epss 0.00

    Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Prior to 4.10.22, the bundleCache is keyed by (Locale, baseName) where the locale originates from the HTTP Accept-Language header. In applications that…

  • CVE-2026-33013Mar 20, 2026
    risk 0.00cvss epss 0.01

    Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions prior to both 4.10.16 and 3.10.5 do not correctly handle descending array index order during form-urlencoded body binding in…

  • CVE-2026-33012Mar 20, 2026
    risk 0.00cvss epss 0.01

    Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache with no eviction policy in its DefaultHtmlErrorResponseBodyProvider. If the…

  • CVE-2024-23639Feb 9, 2024
    risk 0.00cvss epss 0.00

    Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Enabled but unsecured management endpoints are susceptible to drive-by localhost attacks.…

  • CVE-2022-21700Jan 18, 2022
    risk 0.00cvss epss 0.01

    Micronaut is a JVM-based, full stack Java framework designed for building JVM web applications with support for Java, Kotlin and the Groovy language. In affected versions sending an invalid Content Type header leads to memory leak in DefaultArgumentConversionContext as this type…

  • CVE-2021-32769Jul 16, 2021
    risk 0.00cvss epss 0.02

    Micronaut is a JVM-based, full stack Java framework designed for building JVM applications. A path traversal vulnerability exists in versions prior to 2.5.9. With a basic configuration, it is possible to access any file from a filesystem, using "/../../" in the URL. This occurs…

VYPR — Vulnerability Intelligence