How many CVEs does owasp enterprise security api have?

owasp enterprise security api has 4 published CVE records since 2013.

How many owasp enterprise security api CVEs are in CISA KEV?

None of owasp enterprise security api's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Which versions of owasp enterprise security api are affected?

6 distinct owasp enterprise security api versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in owasp enterprise security api CVEs?

owasp enterprise security api's CVEs most often map to these CWE weakness types: CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).

What is the average severity of owasp enterprise security api CVEs?

The average CVSS base score across owasp enterprise security api's scored CVEs is 6.5.

owasp enterprise security api Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of owasp enterprise security api's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High1

Medium1

Low0

2 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of owasp enterprise security api's CVEs are currently listed in CISA's KEV catalog.

Public exploits

2 of owasp enterprise security api's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every owasp enterprise security api version named in a CVE, then pick one to see only the CVEs that affect it.

Version ranges

< 2.3.0.02 CVEs
2.0 <= v < 2.1.0.11 CVE
2.0 <= v <= 2.01 CVE
2.0.1 <= v <= 2.0.11 CVE

Fixed in

2.3.0.02 CVEs
2.1.0.11 CVE

Find a version

4 CVEs

Sort

Cross-site Scripting in org.owasp.esapi:esapi -- antisamy-esapi.xml configuration file
CVE-2022-24891
Public exploit
Patch
CWE-79
Medium · CVSS 5.4
EPSS 1.0% (78th pct)2022-04-27
Path Traversal in ESAPI
CVE-2022-23457
Public exploit
Patch
CWE-22
High · CVSS 7.5
EPSS 0.5% (68th pct)2022-04-25
Vulnerability · 2013-09-30
CVE-2013-5960
Patch
Unscored
EPSS 0.2% (39th pct)2013-09-30
Vulnerability · 2013-09-30
CVE-2013-5679
Patch
Unscored
EPSS 0.1% (17th pct)2013-09-30

Severity and exploitation

Affected versions and CVEs

Version ranges

Fixed in

owasp enterprise security api Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Version ranges

Fixed in

Common weakness types

Disclosure activity by year

Other owasp products

Frequently asked questions

How many CVEs does owasp enterprise security api have?

How many owasp enterprise security api CVEs are in CISA KEV?

Are there public exploits for owasp enterprise security api vulnerabilities?

Which versions of owasp enterprise security api are affected?

What are the most common weakness types in owasp enterprise security api CVEs?

What is the average severity of owasp enterprise security api CVEs?

References

Track owasp enterprise security api vulnerabilities