pkg:Maven/net.sourceforge.pmd:pmd-core
3 total CVEsHIGH1MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH8.1CVE-2019-7722Improper Restriction of XML External Entity Reference in PMD from 0, < 6.0.0
MEDIUM6.8CVE-2026-28338PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages from 0, < 7.22.0
—CVE-2025-23215PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext >= 6.21.0, < 7.10.0