Hibernate Validator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Hibernate Validator.
By the Year
In 2025 there have been 0 vulnerabilities in Hibernate Validator. Last year, in 2024 Hibernate Validator had 1 security vulnerability published. Right now, Hibernate Validator is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 1 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 6.10 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Hibernate Validator vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Hibernate Validator Security Vulnerabilities
Hibernate-Validator SafeHtmlValidator XSS Bypass
CVE-2023-1932
- November 07, 2024
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or Cross-Site-Scripting (XSS) attacks.
A vulnerability was found in Hibernate-Validator
CVE-2019-10219
6.1 - Medium
- November 08, 2019
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Banking Deposits Lines Credit Servicing or by Hibernate? Click the Watch button to subscribe.
