Org.hibernate:hibernate-validator
This hub aggregates every CVE we track for Org.hibernate:hibernate-validator, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH2
Monthly trend
0
0
0
0
1
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Org.hibernate:hibernate-validator.
- CVE-2025-35036hibernate-validator insecure default Expression Language interpolation7.3
- CVE-2023-1932Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss6.1
- CVE-2020-10693A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows atta...5.3
- CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. T...6.1
- CVE-2017-7536In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, ...7.0
- CVE-2014-3558ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager...5.0
Product normalization is registry-driven with AI assist and human review. How it works