Scala Sbt
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Scala Sbt product.
RSS Feeds for Scala Sbt security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Scala Sbt products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Scala Sbt Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 0 vulnerabilities in Scala Sbt. Scala Sbt did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.10 |
It may take a day or so for new Scala Sbt vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Scala Sbt Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2023-46122 | Oct 23, 2023 |
sbt 1.9.6 and earlier: arbitrary file write via IO.unzip in zip/JARsbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file. This would have potential to overwrite `/root/.ssh/authorized_keys`. Within sbt's main code, `IO.unzip` is used in `pullRemoteCache` task and `Resolvers.remote`; however many projects use `IO.unzip(...)` directly to implement custom tasks. This vulnerability has been patched in version 1.9.7. |
Sbt
Io
|