Products

Never-Ending Support for Open Source

The Never-Ending Support product line offers secure drop-in replacements for end-of-life open-source software your team depends on.

Explore Pricing Talk to Sales See All Products

Get a Custom Quote

Featured NES Products

Other NES Products

Apache Solr & Lucene NES

Products Overview

Explore our range of Never-Ending Support Products (20)

All Products

Solutions

Never Ending Support for Open Source.

HeroDevs partners with open-source authors to give companies Never-Ending Support, expert consulting, and engineering for sunsetted open-source packages.

Explore Pricing Talk to Sales View All Products

Get a Custom Quote

SOLUTIONS BY INDUSTRY

THOUGHT LEADERSHIP

How HeroDevs Supports the White House’s 2023 Open Source Security Initiatives with Proactive, Long-Term Solutions

Mitigating Open Source Software Risks with HeroDevs’ Never-Ending Support

Open Source Software Risks in 2024: Strategies for Securing Legacy Systems

Professional Services

Unlock the full potential of your HeroDevs solutions with our Professional Services. From expert guidance to complete implementation, get white-glove service tailored to your needs—ensuring seamless performance and peace of mind.

Learn More

Pricing

Developers

Integrate Seamlessly With Your Current Build Process

Switching to NES take minutes and is as simple as pointing to our private repository.

Policies Terms of Service

Service Level Agreements

Vulnerability Directory

NES Documentation

Explore install and release notes for all NES products

NES Documentation

GUIDES

Download Methods Consuming Never-Ending Support Packages Nexus Repository Manager Instructions Artifactory Repository Manager Instructions

TOOLS

HeroDevs CLI Vulnerability Directory Never-Ending Support Portal Report Vulnerability XEOL

GUIDES

Mitigating Open Source Software Risks with HeroDevs’ Never-Ending Support

Open Source Software Risks in 2024: Strategies for Securing Legacy Systems

Resources

Explore the HeroDevs blog, whitepapers, documentation, and more to stay informed.

Blog Shows Case Studies Newsletters White Papers Media Kit

Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Vulnerability Directory

Company

Careers Customers

Documentation

NES Documentation

Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Search here

Filter by Severity

CriticalHighMediumLow

Filter by Technology

All Technologies

AngularJS

Angular

jQuery

Bootstrap

Spring

Express

Node.js

Rails

Apache Struts

Next.js

Subscribe via RSS

First Name *

Last Name *

Work Email *

Thanks for signing up for our Newsletter! We look forward to connecting with you.

Oops! Something went wrong while submitting the form.

Severity

Technology

Libraries Affected

Category

Version(s) Affected

Published Date

High

CVE-2014-3482

Rails

Ruby on Rails Framework

Denial of Service

<=3.2.18 Only for instances using PostgreSQL

Jul 7, 2024

Medium

CVE-2024-27982

Node.js

HTTP Request Smuggling

<21.7.2, <20.12.1, <v18.20.1, <= 16.20.2, <=v14.21.3, <= v12.22.12

May 1, 2024

Medium

CVE-2024-33665

AngularJS

Angular Translate

Cross-Site Scripting

>=2.19.1

Apr 25, 2024

High

CVE-2024-22262

Spring

Spring Framework

URL Redirect/Open Redirect

>=4.3.0, >=5.3.0 <5.3.34, >=6.0.0 <6.0.19, >=6.1.0 <6.1.6

Apr 16, 2024

High

CVE-2024-22259

Spring

Spring Framework

URL Redirect/Open Redirect

<=4.3.31, >=5.3.0 <5.3.33, >=6.0.0 <6.0.17, >=6.1.0 <6.1.5

Mar 16, 2024

High

CVE-2024-26142

Rails

Ruby on Rails Framework

Denial of Service

7.1.0.0 to 7.1.3.0

Feb 27, 2024

High

CVE-2024-22243

Spring

Spring Framework

URL Redirect/Open Redirect

>=4.3.0 <=4.3.30, >=5.3.0 <5.3.32, >=6.0.0 <6.0.17, >=6.1.0 <6.1.4

Feb 23, 2024

High

CVE-2024-22234

Spring

Spring Security

Authorization Bypass

<6.1.7, >=6.2.0 <6.2.2

Feb 19, 2024

Medium

CVE-2024-22025

Node.js

Denial of Service

<21.6.2, <20.11.1, <v18.19.1, <= 16.20.2

Feb 14, 2024

High

CVE-2024-22019

Node.js

Denial of Service

<21.6.2, <20.11.1, <v18.19.1, <= 16.20.2, <=v14.21.3, <= v12.22.12

Feb 14, 2024

High

CVE-2024-21490

AngularJS

ReDoS Vulnerability

>=1.3.0

Feb 10, 2024

High

CVE-2014-0114

Struts

Apache Commons BeanUtils

Remote Code Execution

<=1.9.2

Feb 1, 2024

High

CVE-2016-1182

Struts

Apache Struts

Cross-Site Scripting

>=1.0.0 <=1.3.10

Feb 1, 2024

High

CVE-2016-1181

Struts

Apache Struts

Authorization Bypass

>=1.0.0 <=1.3.10

Feb 1, 2024

High

CVE-2015-0899

Struts

Apache Struts

Authorization Bypass

>=1.1.0 <=1.3.10

Feb 1, 2024

No results found

Please enter a valid Vulnerability ID number or Technology name.

Drop-in replacements for deprecated open source software that keeps you secure and compliant.

+1 877-586-1965

hello@herodevs.com

8850 S 700 E #2437 Sandy, UT 84070

Overview

Never-Ending Support (NES) Products

Apache Solr & Lucene NES

Solutions

Company

Resources

Vulnerability Directory

Partners

Cookies Preferences

By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences Reject Accept

Manage Consent Preferences by Category

Essentials

Always active

Necessary for the site to function. Always On.

Marketing

Used for targeted advertising.

Personalization

Remembers your preferences and provides enhanced features.

Analytics

Measures usage and improves your experience.

Reject All Accept All

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.