VYPR

Mpxj

by Joniles

Source repositories

CVEs (2)

  • CVE-2024-49771MedOct 28, 2024
    risk 0.27cvss 5.3epss 0.00

    MPXJ is an open source library to read and write project plans from a variety of file formats and databases. The patch for the historical vulnerability CVE-2020-35460 in MPXJ is incomplete as there is still a possibility that a malicious path could be constructed which would not…

  • CVE-2022-41954Nov 25, 2022
    risk 0.00cvss epss 0.00

    MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the permissions `-rw-r--r--`.…