VYPR

Maven package

org.cyclonedx/cyclonedx-core-java

pkg:maven/org.cyclonedx/cyclonedx-core-java

Vulnerabilities (2)

  • CVE-2025-64518HigNov 10, 2025
    affected >= 2.1.0, < 11.0.1fixed 11.0.1

    The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Starting in version 2.1.0 and prior to version 11.0.1, the XML `Validator` used by cyclonedx-core-java was not configured securely, mak

  • CVE-2024-38374HigJun 28, 2024
    affected >= 2.1.0, < 9.0.4fixed 9.0.4

    The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, _cyclonedx-core-java_ leverages XPath expressions to determine the sche