Lucee Server
By the Year
In 2024 there have been 0 vulnerabilities in Lucee Server . Lucee Server did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.80 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Lucee Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Lucee Server Security Vulnerabilities
Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development
CVE-2021-21307
9.8 - Critical
- February 11, 2021
Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, one can block access to the Lucee Administrator.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Lucee Server or by Lucee? Click the Watch button to subscribe.
