Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
com.smartling.aem/com.smartling.aem.connec… | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
com.smartling.aem
com.smartling.aem.connector
5.9.65
com.smartling.aem.connector 5.9.65
Latest
com.smartling.aem
Published
May 15, 2026
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Recommended upgrade that meets your policy.
Compare Versions
Overview
Overview
Versions
118
Versions
118
Vulnerabilities
18
Vulnerabilities
18
Dependencies
0
Dependencies
0
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(8)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
6.9
CVE-2025-49128
Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of unintended memory content to be included in exception messages. When parsing JSON from a byte array with an offset and length, the exception message incorrectly reads from the beginning of the array instead of the logical payload start. This results in possible information disclosure in systems using pooled or reused buffers, like Netty or Vert.x. This issue was silently fixed in jackson-core version 2.13.0, released on September 30, 2021, via PR #652. All users should upgrade to version 2.13.0 or later. If upgrading is not immediately possible, applications can mitigate the issue by disabling exception message exposure to clients to avoid returning parsing exception messages in HTTP responses and/or disabling source inclusion in exceptions to prevent Jackson from embedding any source content in exception messages, avoiding leakage.
affected
Severity
Medium
Published
Jun 10, 2025
6.9
sonatype-2025-000535
github.com/sigstore/sigstore-java (gson) - Stack-based Buffer Overflow [CVE-2025-53864]
affected
Severity
Medium
5.3
CVE-2024-47554
Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
affected
Severity
Medium
5.3
CVE-2024-21742
Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages.
affected
Severity
Medium
Published
Feb 28, 2024
5.5
CVE-2023-0482
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
affected
Severity
Medium
Published
Feb 1, 2023
5.5
CVE-2022-45787
Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later.
affected
Severity
Medium
Published
5.3
CVE-2022-24329
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
affected
Severity
Medium
Published
Mar 3, 2022
6.5
sonatype-2016-0415
org.glassfish.grizzly:grizzly-http-server - Cross-site Scripting (XSS)
affected
Severity
Medium
Published
Nov 13, 2017
Published
Feb 13, 2025
Published
Oct 4, 2024
Jan 9, 2023
