org.codehaus.castor:castor-xml@1.3.2 vulnerabilities
-
latest version
1.4.1
-
latest non vulnerable version
-
first published
16 years ago
-
latest version published
8 years ago
-
licenses detected
- [1.3rc1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.codehaus.castor:castor-xml package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.codehaus.castor:castor-xml is a data binding framework for Java Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. The default configuration for the Xerces SAX Parser allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document. How to fix XML External Entity (XXE) Injection? Upgrade |
[,1.3.3)
|