VYPR

Maven package

org.apache.sis.core/sis-metadata

pkg:maven/org.apache.sis.core/sis-metadata

Vulnerabilities (1)

  • CVE-2025-68280Jan 5, 2026
    affected >= 0.4, < 1.6fixed 1.6

    Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerabil