Ivy
This hub aggregates every CVE we track for Ivy, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 4 most recently published vulnerabilities affecting Ivy.
- CVE-2023-41938A cross-site request forgery (CSRF) vulnerability in Jenkins Ivy Plugin 2.5 and earlier allows attackers to delete disabled modules.6.5
- CVE-2022-46751Apache Ivy: XML External Entity vulnerability in Apache Ivy8.2
- CVE-2022-37866Apache Ivy allows path traversal in the presence of a malicious repository7.5
- CVE-2022-37865Apache Ivy allows creating/overwriting any file on the system9.1
Product normalization is registry-driven with AI assist and human review. How it works