VYPR

Maven package

org.eclipse.leshan/leshan-core

pkg:maven/org.eclipse.leshan/leshan-core

Vulnerabilities (1)

  • CVE-2023-41034Aug 31, 2023
    affected < 1.5.0fixed 1.5.0

    Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser` and `DefaultDDFFileValidator` (and so `ObjectLoader`) are vulnerable to `XXE Attacks`. A DDF file is a LWM2M format used to store LWM2M object description. Leshan user