Jolokia
By the Year
In 2024 there have been 0 vulnerabilities in Jolokia . Jolokia did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 8.80 |
| 2018 | 1 | 6.10 |
It may take a day or so for new Jolokia vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jolokia Security Vulnerabilities
A flaw was found in Jolokia versions from 1.2 to before 1.6.1
CVE-2018-10899
8.8 - High
- August 01, 2019
A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
Session Riding
An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet
CVE-2018-1000129
6.1 - Medium
- March 14, 2018
An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.
XSS
