Maven package
org.http4k/http4k-format-xml
pkg:maven/org.http4k/http4k-format-xml
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-55875 | Cri | 9.8 | >= 5.0.0.0, < 5.41.0.0 | 5.41.0.0 | Dec 12, 2024 | http4k is a functional toolkit for Kotlin HTTP applications. Prior to version 6.50.0.0, there is a potential XXE (XML External Entity Injection) vulnerability when http4k handling malicious XML contents within requests, which might allow attackers to read local sensitive informat |
- affected >= 5.0.0.0, < 5.41.0.0fixed 5.41.0.0
http4k is a functional toolkit for Kotlin HTTP applications. Prior to version 6.50.0.0, there is a potential XXE (XML External Entity Injection) vulnerability when http4k handling malicious XML contents within requests, which might allow attackers to read local sensitive informat