VYPR

Maven package

org.apache.avro/avro-compiler

pkg:maven/org.apache.avro/avro-compiler

Vulnerabilities (1)

  • CVE-2025-33042Feb 13, 2026
    affected >= 1.12.0, < 1.12.1fixed 1.12.1

    Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrad