Scala Sbt Sbt
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Scala Sbt Sbt.
By the Year
In 2026 there have been 0 vulnerabilities in Scala Sbt Sbt. Sbt did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.10 |
It may take a day or so for new Sbt vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Scala Sbt Sbt Security Vulnerabilities
sbt 1.9.6 and earlier: arbitrary file write via IO.unzip in zip/JAR
CVE-2023-46122
7.1 - High
- October 23, 2023
sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file. This would have potential to overwrite `/root/.ssh/authorized_keys`. Within sbt's main code, `IO.unzip` is used in `pullRemoteCache` task and `Resolvers.remote`; however many projects use `IO.unzip(...)` directly to implement custom tasks. This vulnerability has been patched in version 1.9.7.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Scala Sbt Sbt or by Scala Sbt? Click the Watch button to subscribe.
