VYPR

Maven package

org.codehaus.castor/castor

pkg:maven/org.codehaus.castor/castor

Vulnerabilities (1)

  • CVE-2014-3004Jun 11, 2014
    affected < 1.3.3fixed 1.3.3

    The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.