org.opennms:opennms
Maven9 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.opennms:opennmspage 1 of 1
- CVE-2021-25929MEDIUMCVSS 4.8EG 4.8✓ Fixed in 27.1.12021-05-20
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.…
- CVE-2021-25930MEDIUMCVSS 4.3EG 4.3✓ Fixed in 27.1.12021-05-20
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.…
- CVE-2021-25931HIGHCVSS 8.8EG 8.8✓ Fixed in 27.1.12021-05-20
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.…
- CVE-2021-25933MEDIUMCVSS 4.8EG 4.8✓ Fixed in 27.1.12021-05-20
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.…
- CVE-2021-25934MEDIUMCVSS 5.4EG 5.42021-05-25
In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-…
- CVE-2021-3396HIGHCVSS 8.8EG 8.8✓ Fixed in 27.0.42021-02-17
OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1.16, and 2020 before 2020.1.5, Horizon 1.2 through 27.0.4, and Newts <1.5.3 has Incorrect Access Control, which allows local and remote code execution using JEXL express…
- CVE-2023-0815MEDIUMCVSS 6.8EG 6.8✓ Fixed in 31.0.42023-02-23
vulnerable: 31.0.3
Potential Insertion of Sensitive Information into Jetty Log Files in multiple versions of OpenNMS Meridian and Horizon could allow disclosure of usernames and passwords if the logging level is set to debug. Users should upgrade to Meridia…
- CVE-2023-0846MEDIUMCVSS 6.7EG 6.7✓ Fixed in 31.0.32023-02-22
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian…
- CVE-2023-0867MEDIUMCVSS 6.7EG 6.7✓ Fixed in 31.0.42023-02-23
vulnerable: 31.0.3
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridi…
Check whether org.opennms:opennms is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.opennms:opennms CVEs against the assets you own.
Start Free Scan →