VYPR

Maven package

org.jbpm.jbpm5/jbpmmigration

pkg:maven/org.jbpm.jbpm5/jbpmmigration

Vulnerabilities (1)

  • CVE-2017-7545MedJul 26, 2018
    affected <= 0.15

    It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other mor