pkg:maven/org.dom4j/dom4j
Type
maven
Namespace
org.dom4j
Name
dom4j
Known advisories, vulnerabilities and fixes for org.dom4j/dom4j package.
Critical
1
High
1
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | = 2.1.0 < 2.0.3 <= 1.6.1 |
CVE-2018-1000632
|
MAVEN:GHSA-6PCC-3RFX-4GPM | Dom4j contains a XML Injection vulnerability | high |
2018-10-16T17:01:25
(6 years ago) |
|
Fixed | = 2.1.1 = 2.0.3 |
CVE-2018-1000632
|
MAVEN:GHSA-6PCC-3RFX-4GPM | Dom4j contains a XML Injection vulnerability | high |
2018-10-16T17:01:25
(6 years ago) |
|
Affected | <= 2.1.4 |
CVE-2023-45960
|
MAVEN:GHSA-FGQ9-FC3Q-VQMW | Withdrawn Advisory: dom4j XML Entity Expansion vulnerability | moderate |
2023-10-25T18:32:23
(10 months ago) |
|
Affected | >= 2.1.0, < 2.1.3 < 2.0.3 <= 1.6.1 |
CVE-2020-10683
|
MAVEN:GHSA-HWJ3-M3P6-HJ38 | dom4j allows External Entities by default which might enable XXE attacks | critical |
2020-06-05T16:13:36
(4 years ago) |
|
Fixed | = 2.1.3 = 2.0.3 |
CVE-2020-10683
|
MAVEN:GHSA-HWJ3-M3P6-HJ38 | dom4j allows External Entities by default which might enable XXE attacks | critical |
2020-06-05T16:13:36
(4 years ago) |