VYPR

Maven package

io.jmix.localfs/jmix-localfs

pkg:maven/io.jmix.localfs/jmix-localfs

Vulnerabilities (2)

  • CVE-2025-32952Apr 22, 2025
    affected >= 1.0.0, < 1.6.2fixed 1.6.2

    Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excess

  • CVE-2025-32950Apr 22, 2025
    affected >= 1.0.0, < 1.6.2fixed 1.6.2

    Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the FileRef parameter to access files on the system where the Jmix application is deployed, provided the ap