Vulnerabilities > Hubspot > Jinjava > 2.0.0

DATE CVE VULNERABILITY TITLE RISK
2021-02-19 CVE-2020-12668 Information Exposure vulnerability in Hubspot Jinjava
Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context.
network
low complexity
hubspot CWE-200
6.8
6.8
2019-01-03 CVE-2018-18893 Unspecified vulnerability in Hubspot Jinjava
Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.
network
low complexity
hubspot
5.0
5.0