Vulnerabilities > Diffplug

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-11	CVE-2022-26049	Path Traversal vulnerability in Diffplug Goomph This affects the package com.diffplug.gradle:goomph before 3.37.2. network low complexity diffplug CWE-22	8.8
2019-09-05	CVE-2019-10753	Incorrect Resource Transfer Between Spheres vulnerability in Diffplug Eclipse-Cdt, Eclipse-Groovy and Eclipse-Wtp In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). network high complexity diffplug CWE-669	5.9
2019-06-28	CVE-2019-9843	XXE vulnerability in Diffplug Gradle and Maven In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and before 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolveExternalEntities setting. network high complexity diffplug CWE-611	7.5

Vulnerabilities > Diffplug {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Diffplug"}]}