Maven package
org.apache.karaf.specs/org.apache.karaf.specs.java.xml
pkg:maven/org.apache.karaf.specs/org.apache.karaf.specs.java.xml
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-11788 | — | >= 4.2.0, < 4.2.2 | 4.2.2 | Jan 7, 2019 | Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XX |
- CVE-2018-11788Jan 7, 2019affected >= 4.2.0, < 4.2.2fixed 4.2.2
Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XX