How many CVEs does owasp dependency-track have?

owasp dependency-track has 2 published CVE records since 2019.

How many owasp dependency-track CVEs are in CISA KEV?

None of owasp dependency-track's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Which versions of owasp dependency-track are affected?

4 distinct owasp dependency-track versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in owasp dependency-track CVEs?

owasp dependency-track's CVEs most often map to these CWE weakness types: CWE-312 (Cleartext Storage of Sensitive Information).

What is the average severity of owasp dependency-track CVEs?

The average CVSS base score across owasp dependency-track's scored CVEs is 4.4.

owasp dependency-track Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of owasp dependency-track's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High0

Medium1

Low0

1 additional CVE has no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of owasp dependency-track's CVEs are currently listed in CISA's KEV catalog.

Public exploits

No owasp dependency-track CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every owasp dependency-track version named in a CVE, then pick one to see only the CVEs that affect it.

Version ranges

< 3.5.11 CVE
< 4.6.01 CVE

Fixed in

3.5.11 CVE
4.6.01 CVE

Find a version

2 CVEs

Sort

Medium vulnerability · 2022-10-25
CVE-2022-39351
Patch
CWE-312
Medium · CVSS 4.4
EPSS 0.0% (10th pct)2022-10-25
Vulnerability · 2019-07-29
CVE-2019-1020007
Patch
Unscored
EPSS 0.2% (43th pct)2019-07-29

Severity and exploitation

Affected versions and CVEs

Version ranges

Fixed in

owasp dependency-track Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Version ranges

Fixed in

Common weakness types

Disclosure activity by year

Other owasp products

Frequently asked questions

How many CVEs does owasp dependency-track have?

How many owasp dependency-track CVEs are in CISA KEV?

Are there public exploits for owasp dependency-track vulnerabilities?

Which versions of owasp dependency-track are affected?

What are the most common weakness types in owasp dependency-track CVEs?

What is the average severity of owasp dependency-track CVEs?

References

Track owasp dependency-track vulnerabilities