Maven package
com.squareup.retrofit2/retrofit
pkg:maven/com.squareup.retrofit2/retrofit
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1000850 | — | >= 2.0.0, < 2.5.0 | 2.5.0 | Dec 20, 2018 | Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to | ||
| CVE-2018-1000844 | — | >= 2.0.0, < 2.5.0 | 2.5.0 | Dec 20, 2018 | Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerabilit |
- CVE-2018-1000850Dec 20, 2018affected >= 2.0.0, < 2.5.0fixed 2.5.0
Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to
- CVE-2018-1000844Dec 20, 2018affected >= 2.0.0, < 2.5.0fixed 2.5.0
Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerabilit