Maven package
org.codehaus.castor/castor
pkg:maven/org.codehaus.castor/castor
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-3004 | — | < 1.3.3 | 1.3.3 | Jun 11, 2014 | The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document. |
- CVE-2014-3004Jun 11, 2014affected < 1.3.3fixed 1.3.3
The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.