VYPR

rpm package

suse/dom4j&distro=SUSE Package Hub 15

pkg:rpm/suse/dom4j&distro=SUSE%20Package%20Hub%2015

Vulnerabilities (1)

  • CVE-2018-1000632HigAug 20, 2018
    affected < 1.6.1-bp150.2.3.1fixed 1.6.1-bp150.2.3.1

    dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specify