org.dspace:dspace-api

Licenses: BSD-2-Clause

Direct Vulnerabilities

Known vulnerabilities in the org.dspace:dspace-api package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

[,7.6.7)[8.0-rc1,8.4)[9.0-rc1,9.3)[10-rc1,10.0)
  • H
Arbitrary Code Injection

[8.0-rc1,8.4)[9.0-rc1,9.3)[10.0-rc1,10.0)
  • M
Directory Traversal

[8.0-rc1,8.4)[9.0-rc1,9.3)[10.0-rc1,10.0)
  • M
Improper Restriction of Names for Files and Other Resources

[,7.6.7)[8.0-rc1,8.4)[9.0-rc1,9.3)[10-rc1,10.0)
  • H
Directory Traversal

[,7.6.4)[8.0,8.2)[9.0,9.1)
  • H
XML External Entity (XXE) Injection

[,7.6.4)[8.0,8.2)[9.0,9.1)
  • H
Directory Traversal

[,5.11)[6.0,6.4)
  • H
Incorrect Authorization

[7.0,7.1)
  • M
Access Restriction Bypass

[7.0-beta1,7.0-preview-1)

Package versions

113 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
10.028 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
10.0-rc13 Apr, 2026
  • 0
    C
  • 2
    H
  • 2
    M
  • 0
    L
9.328 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
9.217 Dec, 2025
  • 0
    C
  • 2
    H
  • 2
    M
  • 0
    L
9.114 Jul, 2025
  • 0
    C
  • 2
    H
  • 2
    M
  • 0
    L
9.023 May, 2025
  • 0
    C
  • 4
    H
  • 2
    M
  • 0
    L
9.0-rc14 Apr, 2025
  • 0
    C
  • 2
    H
  • 2
    M
  • 0
    L
8.428 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
8.317 Dec, 2025
  • 0
    C
  • 2
    H
  • 2
    M
  • 0
    L
8.214 Jul, 2025
  • 0
    C
  • 2
    H
  • 2
    M
  • 0
    L