Vulnerabilities > Grails

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-46131 Unspecified vulnerability in Grails
Grails is a framework used to build web applications with the Groovy programming language.
network
low complexity
grails
7.5
2022-11-23 CVE-2022-41923 Incorrect Authorization vulnerability in Grails Spring Security Core
Grails Spring Security Core plugin is vulnerable to privilege escalation.
network
low complexity
grails CWE-863
critical
9.8
2019-06-04 CVE-2019-12728 Download of Code Without Integrity Check vulnerability in Grails
Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service.
network
grails CWE-494
6.8
2018-06-26 CVE-2018-1000529 Cross-site Scripting vulnerability in Grails Fields 2.2.7
Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS .
network
grails CWE-79
4.3
2018-03-19 CVE-2014-3626 Path Traversal vulnerability in Grails Resources
The Grails Resource Plugin often has to exchange URIs for resources with other internal components.
network
low complexity
grails CWE-22
5.0
2017-02-27 CVE-2017-6344 XXE vulnerability in Grails PDF Plugin 0.6
XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document.
network
grails CWE-611
4.3