pkg:Maven/org.xwiki.commons:xwiki-commons-velocity

All known vulnerabilities

• CRITICAL10.0CVE-2024-31996XWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
  >= 3.0.1, < 14.10.19
• HIGH7.5CVE-2022-24897Arbitrary filesystem write access from velocity.
  >= 2.3.0, < 12.6.7