cbcvebase.

Jfree Jfreechart vulnerabilities

6 known vulnerabilities affecting jfree/jfreechart.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2024-22949P3CRITICALCVSS 9.1v1.5.42024-04-08
CVE-2024-22949 [CRITICAL] CWE-125 CVE-2024-22949: JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotati JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust fo
nvd
CVE-2023-52070P3HIGHCVSS 8.4v1.5.42024-04-10
CVE-2023-52070 [HIGH] CWE-125 CVE-2023-52070: JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle( JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for
nvd
CVE-2024-23077P3HIGHCVSS 7.5v1.5.42024-04-10
CVE-2024-23077 [HIGH] CWE-120 CVE-2024-23077: JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/ JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnera
nvd
CVE-2007-6307P4MEDIUMCVSS 4.3PoCv1.0.82007-12-11
CVE-2007-6307 [MEDIUM] CWE-79 CVE-2007-6307: Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php in wwwstats 3.21 allow remote Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php in wwwstats 3.21 allow remote attackers to inject arbitrary web script or HTML via (1) the link parameter or (2) the User-Agent HTTP header.
nvd
CVE-2024-23076P3HIGHCVSS 7.5v1.5.42024-04-10
CVE-2024-23076 [HIGH] CWE-476 CVE-2024-23076: JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleX JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vuln
nvd
CVE-2007-6306P4MEDIUMCVSS 4.3v1.0.82007-12-11
CVE-2007-6306 [MEDIUM] CWE-79 CVE-2007-6306: Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 all Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coords attribute of a chart area.
nvd
Jfree Jfreechart vulnerabilities | cvebase