Skip to main content

Graphhopper

2 CVEs product

Monthly

CVE-2021-23408 Maven MEDIUM POC PATCH This Month

This affects the package com.graphhopper:graphhopper-web-bundle before 3.2, from 4.0-pre1 and before 4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Graphhopper
NVD GitHub
CVSS 3.1
4.3
EPSS
1.4%
CVE-2021-29506 Maven MEDIUM PATCH This Month

GraphHopper is an open-source Java routing engine. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Graphhopper
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

This affects the package com.graphhopper:graphhopper-web-bundle before 3.2, from 4.0-pre1 and before 4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Graphhopper
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

GraphHopper is an open-source Java routing engine. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Java Graphhopper
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy