{"id":19884,"date":"2026-06-11T22:43:00","date_gmt":"2026-06-11T20:43:00","guid":{"rendered":"http:\/\/stocks-future.com\/?guid=334d834b00152948352e10630c8d88f0"},"modified":"2026-06-11T22:43:00","modified_gmt":"2026-06-11T20:43:00","slug":"liquibase-launches-free-cve-library-for-community-users","status":"publish","type":"post","link":"https:\/\/stocks-future.com\/?p=19884","title":{"rendered":"Liquibase Launches Free CVE Library for Community Users"},"content":{"rendered":"<p>\nNew public resource gives Liquibase Community users release-by-release security visibility into known vulnerabilities across releases, Docker images, binaries, and dependencies.<\/p><br\/><a href=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829824\/5\/Liquibase_Figure_1_CVE_Library_-_Score.jpg\"><img src=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829824\/22\/Liquibase_Figure_1_CVE_Library_-_Score.jpg\" \/><\/a><br\/><a href=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829824\/5\/Liquibase_Figure_1_CVE_Library_-_Score.jpg\"><img src=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829824\/21\/Liquibase_Figure_1_CVE_Library_-_Score.jpg\" \/><\/a><br\/><a href=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829706\/5\/Liquibase_logo.jpg\"><img src=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829706\/22\/Liquibase_logo.jpg\" \/><\/a><br\/><a href=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829706\/5\/Liquibase_logo.jpg\"><img src=\"https:\/\/mms.businesswire.com\/media\/20260611211971\/en\/2829706\/21\/Liquibase_logo.jpg\" \/><\/a><p>AUSTIN, Texas--(BUSINESS WIRE)--<a href=\"https:\/\/twitter.com\/hashtag\/Binary?src=hash\" >#Binary<\/a>--Today, Liquibase is proud to release the open source <b>Liquibase CVE Library<\/b> (Common Vulnerabilities and Exposures Library) to foster security and transparency across the Liquibase Community. The free, publicly available library helps users of older versions of Liquibase Community identify existing vulnerabilities and get a clearer sense of their security posture. By tying vulnerability data directly to Liquibase releases, the CVE Library helps teams see their risk exposure, compare versions, and take informed action to secure the software they run.<\/p><p>\nAttackers need only to find a single exploit to breach a network and IT infrastructure, making comprehensive CVE libraries increasingly invaluable to security teams seeking to stay ahead of Mythos-class threat capabilities by patching all known weaknesses before they can be targeted.<\/p><p>\nTo date, the Liquibase Community project has been downloaded over 100 million times.<\/p><p>\n<b>How does the Liquibase CVE Library work?<\/b><\/p><p>\nEvery time Liquibase ships a new release, automated security scanning tools analyze both the Docker image and the Liquibase binary for known vulnerabilities. Scanning also runs against previously published images, maintaining an up-to-date view of the evolving threat landscape and catching anything that surfaces post-release. The site organizes everything by image and version. You can see a high-level security grade and CVE counts for the latest release, drill into any specific version for the full vulnerability list, or use the comparison tool to see exactly which CVEs were resolved, or introduced, between two releases.<\/p><p>\n<b>Which environments are supported?<\/b><\/p><p>\nThe CVE Library currently covers two areas:<\/p><ul class=\"bwlistdisc\">\n<li>\n<b>Docker images<\/b>: The official Liquibase Community Docker image.<\/li>\n<li>\n<b>Liquibase binary<\/b>: Vulnerabilities in the Liquibase JARs themselves, regardless of how you install it.<\/li>\n<\/ul><p>\n<b>What you'll see<\/b><\/p><p>\nFor each vulnerability, the CVE Library shows:<\/p><ul class=\"bwlistdisc\">\n<li>\n<b>CVE ID, Severity, and CVSS score<\/b>: Presented with clear information and links to learn more.<\/li>\n<li>\n<b>Affected package<\/b>: The specific details needed to understand what is vulnerable.<\/li>\n<li>\n<b>Fix available<\/b>: The package version that resolves it, if one exists; and where applicable, the first Liquibase image version where the CVE no longer appears.<\/li>\n<li>\n<b>Component type<\/b>: Additional vulnerability details to help understand the risk.<\/li>\n<li>\n<b>First-party vs. third-party<\/b>: Whether the vulnerability is in Liquibase's own code or an upstream dependency.<\/li>\n<\/ul><p>\nThe full list is filterable by severity, component type, and keyword search, and can be exported as CSV or PDF. (See figures.)<\/p><p>\n<b>Part of a broader commitment to the Community<\/b><\/p><p>\nThe CVE Library doesn't stand alone. Since September of 2025, Liquibase has released a steady stream of enhancements and fixes for the Liquibase Community. Recently, in May of 2026, Liquibase standardized on two clear paths to updates: <b>quarterly Community releases<\/b> and continuous <b>nightly builds<\/b> on GitHub (available at <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=http%3A%2F%2Fgithub.com%2Fliquibase%2Fliquibase%2Freleases%2Ftag%2Fnightly&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=github.com%2Fliquibase%2Fliquibase%2Freleases%2Ftag%2Fnightly&amp;index=1&amp;md5=d5d60d588f2460a54c83c1dcc273a329\" rel=\"nofollow\" shape=\"rect\">github.com\/liquibase\/liquibase\/releases\/tag\/nightly<\/a>). The CVE Library now makes that ongoing work readily visible so users don't have to just trust that issues are being addressed, they can see it, release by release.<\/p><p>\n<b>For teams that need enterprise assurance<\/b><\/p><p>\nThe Liquibase CVE Library gives Community users clear visibility into known vulnerability exposure. For organizations running Liquibase in regulated, mission-critical, AI-enabled, or enterprise production environments, visibility is often the first step. Liquibase Secure provides a fully supported enterprise distribution with SLA-backed support, tested components, policy checks, drift detection, structured audit logs, and governance controls for teams that need to reduce risk while maintaining delivery velocity.<\/p><p>\n<b>Take a look and get involved<\/b><\/p><p>\nThe Liquibase Community thrives because people around the world step up to contribute. Here's how to get in touch and take part:<\/p><ul class=\"bwlistdisc\">\n<li>\nExplore the CVE Library today at <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fcve-library.liquibase.com%2F&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=https%3A%2F%2Fcve-library.liquibase.com&amp;index=2&amp;md5=01dca7f6b6a6a1bf1666f760373db61e\" rel=\"nofollow\" shape=\"rect\"><b>https:\/\/cve-library.liquibase.com<\/b><\/a>.<\/li>\n<li>\n<b>Ask questions or start a discussion<\/b> on the <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fforum.liquibase.org%2F&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=Liquibase+Forum&amp;index=3&amp;md5=514a58f3fc83945d9f24e97709f47074\" rel=\"nofollow\" shape=\"rect\">Liquibase Forum<\/a>.<\/li>\n<li>\n<b>Report a bug or request a feature<\/b> in the GitHub issue tracker at <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fgithub.com%2Fliquibase%2Fliquibase&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=github.com%2Fliquibase%2Fliquibase&amp;index=4&amp;md5=bef4ea81522a0ff53b08c1168186c9dc\" rel=\"nofollow\" shape=\"rect\">github.com\/liquibase\/liquibase<\/a>.<\/li>\n<\/ul><p>\n<b>About Liquibase<\/b><\/p><p>\nLiquibase empowers teams to deliver mission-critical applications, data products, and AI initiatives by automating and governing database change. We are the company behind Liquibase Community, a project with deep open-source roots that has been downloaded more than 100 million times and is trusted by thousands of teams worldwide.<\/p><p>\nLiquibase Secure, built on that proven community foundation, is the only enterprise platform that unifies DevOps, security, and compliance at the database layer. It enables organizations to deliver applications and data products with velocity, safety, and confidence. Trusted by the world\u2019s most innovative and highly regulated enterprises, Liquibase Secure powers the last mile of application and data delivery.<\/p><p>\nLearn more at <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=http%3A%2F%2Fwww.liquibase.com&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=www.liquibase.com&amp;index=5&amp;md5=99e639d3a47d246d364262a19ad0491a\" rel=\"nofollow\" shape=\"rect\">www.liquibase.com<\/a>. Follow us on <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fliquibase%2F&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=LinkedIn&amp;index=6&amp;md5=6f5afbb92f1f63435d0901a75d21baa2\" rel=\"nofollow\" shape=\"rect\">LinkedIn <\/a>and <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fx.com%2Fliquibase&amp;esheet=54552226&amp;newsitemid=20260611211971&amp;lan=en-US&amp;anchor=X&amp;index=7&amp;md5=d3ce275aee96950f96903710b603d2b6\" rel=\"nofollow\" shape=\"rect\">X<\/a>.<\/p><br\/> <b>Contacts<\/b> <br\/><p>\n<b>Media Contact:<\/b><br\/>Torry Cullen\n<br\/><a  href=\"mailto:Torry@MadisonAlexanderPR.com\" rel=\"nofollow\" shape=\"rect\">Torry@MadisonAlexanderPR.com<\/a><br\/>(781) 363-2542<\/p>","protected":false},"excerpt":{"rendered":"<p>New public resource gives Liquibase Community users release-by-release security visibility into known vulnerabilities across releases, Docker images, binaries, and dependencies.AUSTIN, Texas&#8211;(BUSINESS WIRE)&#8211;#Binary&#8211;Today, Liquibase is proud to rele&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-19884","post","type-post","status-publish","format-standard","hentry","category-infos-businesswire"],"_links":{"self":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts\/19884","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=19884"}],"version-history":[{"count":1,"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts\/19884\/revisions"}],"predecessor-version":[{"id":19885,"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts\/19884\/revisions\/19885"}],"wp:attachment":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=19884"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=19884"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=19884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}