Maven package
org.apache.sis.core/sis-metadata
pkg:maven/org.apache.sis.core/sis-metadata
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68280 | — | >= 0.4, < 1.6 | 1.6 | Jan 5, 2026 | Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerabil |
- CVE-2025-68280Jan 5, 2026affected >= 0.4, < 1.6fixed 1.6
Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerabil