CVE-2021-47621

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-47621

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47621.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-47621

Aliases

GHSA-v2xm-76pq-phcf

Related

Published

2024-06-21T06:15:10Z

Modified

2025-10-21T06:42:05.779893Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

ClassGraph before 4.8.112 was not resistant to XML eXternal Entity (XXE) attacks.

References

Affected packages

Git / github.com/classgraph/classgraph

Affected ranges

Type: GIT
Repo: https://github.com/classgraph/classgraph
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

681362ad6b0b9d9abaffb2e07099ce54d7a41fa3

Fixed

b3bddc75e136fa28d1aaaaa8712c581ed2474a64

Affected versions

classgraph-4.*

classgraph-4.0.0

classgraph-4.0.0-beta-11

classgraph-4.0.0-beta-12

classgraph-4.0.1

classgraph-4.0.2

classgraph-4.0.3

classgraph-4.0.4

classgraph-4.0.5

classgraph-4.0.6

classgraph-4.0.7

classgraph-4.1.0

classgraph-4.1.1

classgraph-4.1.2

classgraph-4.1.3

classgraph-4.1.4

classgraph-4.1.5

classgraph-4.1.6

classgraph-4.1.7

classgraph-4.2.0

classgraph-4.2.1

classgraph-4.2.10

classgraph-4.2.11

classgraph-4.2.12

classgraph-4.2.2

classgraph-4.2.3

classgraph-4.2.4

classgraph-4.2.5

classgraph-4.2.6

classgraph-4.2.7

classgraph-4.2.8

classgraph-4.2.9

classgraph-4.3.0

classgraph-4.3.1

classgraph-4.4.0

classgraph-4.4.1

classgraph-4.4.10

classgraph-4.4.11

classgraph-4.4.12

classgraph-4.4.2

classgraph-4.4.3

classgraph-4.4.4

classgraph-4.4.5

classgraph-4.4.6

classgraph-4.4.7

classgraph-4.4.8

classgraph-4.4.9

classgraph-4.6.0

classgraph-4.6.1

classgraph-4.6.10

classgraph-4.6.11

classgraph-4.6.12

classgraph-4.6.13

classgraph-4.6.14

classgraph-4.6.15

classgraph-4.6.16

classgraph-4.6.17

classgraph-4.6.18

classgraph-4.6.19

classgraph-4.6.2

classgraph-4.6.20

classgraph-4.6.21

classgraph-4.6.22

classgraph-4.6.23

classgraph-4.6.24

classgraph-4.6.25

classgraph-4.6.26

classgraph-4.6.27

classgraph-4.6.28

classgraph-4.6.29

classgraph-4.6.3

classgraph-4.6.30

classgraph-4.6.31

classgraph-4.6.32

classgraph-4.6.4

classgraph-4.6.5

classgraph-4.6.6

classgraph-4.6.7

classgraph-4.6.8

classgraph-4.6.9

classgraph-4.8.0

classgraph-4.8.1

classgraph-4.8.10

classgraph-4.8.100

classgraph-4.8.101

classgraph-4.8.102

classgraph-4.8.103

classgraph-4.8.104

classgraph-4.8.105

classgraph-4.8.106

classgraph-4.8.107

classgraph-4.8.108

classgraph-4.8.109

classgraph-4.8.11

classgraph-4.8.110

classgraph-4.8.111

classgraph-4.8.12

classgraph-4.8.13

classgraph-4.8.14

classgraph-4.8.15

classgraph-4.8.16

classgraph-4.8.17

classgraph-4.8.18

classgraph-4.8.19

classgraph-4.8.2

classgraph-4.8.20

classgraph-4.8.21

classgraph-4.8.22

classgraph-4.8.23

classgraph-4.8.24

classgraph-4.8.25

classgraph-4.8.26

classgraph-4.8.27

classgraph-4.8.28

classgraph-4.8.29

classgraph-4.8.3

classgraph-4.8.30

classgraph-4.8.31

classgraph-4.8.32

classgraph-4.8.33

classgraph-4.8.34

classgraph-4.8.35

classgraph-4.8.36

classgraph-4.8.37

classgraph-4.8.38

classgraph-4.8.39

classgraph-4.8.4

classgraph-4.8.40

classgraph-4.8.41

classgraph-4.8.42

classgraph-4.8.43

classgraph-4.8.44

classgraph-4.8.45

classgraph-4.8.46

classgraph-4.8.47

classgraph-4.8.48

classgraph-4.8.49

classgraph-4.8.5

classgraph-4.8.50

classgraph-4.8.51

classgraph-4.8.52

classgraph-4.8.53

classgraph-4.8.54

classgraph-4.8.55

classgraph-4.8.56

classgraph-4.8.57

classgraph-4.8.58

classgraph-4.8.59

classgraph-4.8.6

classgraph-4.8.60

classgraph-4.8.61

classgraph-4.8.62

classgraph-4.8.63

classgraph-4.8.64

classgraph-4.8.65

classgraph-4.8.66

classgraph-4.8.67

classgraph-4.8.68

classgraph-4.8.69

classgraph-4.8.7

classgraph-4.8.70

classgraph-4.8.71

classgraph-4.8.72

classgraph-4.8.73

classgraph-4.8.74

classgraph-4.8.75

classgraph-4.8.76

classgraph-4.8.77

classgraph-4.8.78

classgraph-4.8.8

classgraph-4.8.80

classgraph-4.8.81

classgraph-4.8.82

classgraph-4.8.83

classgraph-4.8.84

classgraph-4.8.85

classgraph-4.8.86

classgraph-4.8.87

classgraph-4.8.88

classgraph-4.8.89

classgraph-4.8.9

classgraph-4.8.90

classgraph-4.8.91

classgraph-4.8.92

classgraph-4.8.93

classgraph-4.8.94

classgraph-4.8.95

classgraph-4.8.96

classgraph-4.8.97

classgraph-4.8.98

classgraph-4.8.99

fast-classpath-scanner-1.*

fast-classpath-scanner-1.0.1

fast-classpath-scanner-1.10.3

fast-classpath-scanner-1.10.4

fast-classpath-scanner-1.2

fast-classpath-scanner-1.2.1

fast-classpath-scanner-1.2.2

fast-classpath-scanner-1.2.3

fast-classpath-scanner-1.2.4

fast-classpath-scanner-1.2.5

fast-classpath-scanner-1.4.0

fast-classpath-scanner-1.4.1

fast-classpath-scanner-1.6.0

fast-classpath-scanner-1.8.0

fast-classpath-scanner-1.8.1

fast-classpath-scanner-1.9.0

fast-classpath-scanner-1.9.1

fast-classpath-scanner-1.9.10

fast-classpath-scanner-1.9.11

fast-classpath-scanner-1.9.12

fast-classpath-scanner-1.9.13

fast-classpath-scanner-1.9.14

fast-classpath-scanner-1.9.15

fast-classpath-scanner-1.9.16

fast-classpath-scanner-1.9.17

fast-classpath-scanner-1.9.18

fast-classpath-scanner-1.9.19

fast-classpath-scanner-1.9.2

fast-classpath-scanner-1.9.20

fast-classpath-scanner-1.9.21

fast-classpath-scanner-1.9.3

fast-classpath-scanner-1.9.4

fast-classpath-scanner-1.9.5

fast-classpath-scanner-1.9.6

fast-classpath-scanner-1.9.7

fast-classpath-scanner-1.9.8

fast-classpath-scanner-1.9.9

fast-classpath-scanner-1.90.0

fast-classpath-scanner-1.90.1

fast-classpath-scanner-1.90.10

fast-classpath-scanner-1.90.2

fast-classpath-scanner-1.90.3

fast-classpath-scanner-1.90.4

fast-classpath-scanner-1.90.5

fast-classpath-scanner-1.90.6

fast-classpath-scanner-1.90.7

fast-classpath-scanner-1.90.8

fast-classpath-scanner-1.90.9

fast-classpath-scanner-1.91.0

fast-classpath-scanner-1.91.1

fast-classpath-scanner-1.91.2

fast-classpath-scanner-1.91.3

fast-classpath-scanner-1.91.4

fast-classpath-scanner-1.91.5

fast-classpath-scanner-1.91.6

fast-classpath-scanner-1.92.0

fast-classpath-scanner-1.92.1

fast-classpath-scanner-1.93.0

fast-classpath-scanner-1.93.1

fast-classpath-scanner-1.93.2

fast-classpath-scanner-1.93.3

fast-classpath-scanner-1.99.0

fast-classpath-scanner-2.*

fast-classpath-scanner-2.0.0

fast-classpath-scanner-2.0.1

fast-classpath-scanner-2.0.10

fast-classpath-scanner-2.0.11

fast-classpath-scanner-2.0.12

fast-classpath-scanner-2.0.13

fast-classpath-scanner-2.0.14

fast-classpath-scanner-2.0.15

fast-classpath-scanner-2.0.16

fast-classpath-scanner-2.0.17

fast-classpath-scanner-2.0.18

fast-classpath-scanner-2.0.19

fast-classpath-scanner-2.0.2

fast-classpath-scanner-2.0.20

fast-classpath-scanner-2.0.21

fast-classpath-scanner-2.0.22

fast-classpath-scanner-2.0.3

fast-classpath-scanner-2.0.4

fast-classpath-scanner-2.0.5

fast-classpath-scanner-2.0.6

fast-classpath-scanner-2.0.7

fast-classpath-scanner-2.0.8

fast-classpath-scanner-2.0.9

fast-classpath-scanner-2.10.0

fast-classpath-scanner-2.11.0

fast-classpath-scanner-2.11.1

fast-classpath-scanner-2.12.0

fast-classpath-scanner-2.12.1

fast-classpath-scanner-2.12.2

fast-classpath-scanner-2.12.3

fast-classpath-scanner-2.12.4

fast-classpath-scanner-2.12.5

fast-classpath-scanner-2.12.6

fast-classpath-scanner-2.14.0

fast-classpath-scanner-2.14.1

fast-classpath-scanner-2.16.0

fast-classpath-scanner-2.18.0

fast-classpath-scanner-2.18.1

fast-classpath-scanner-2.18.2

fast-classpath-scanner-2.19.0

fast-classpath-scanner-2.2.0

fast-classpath-scanner-2.2.1

fast-classpath-scanner-2.20.0

fast-classpath-scanner-2.20.1

fast-classpath-scanner-2.20.2

fast-classpath-scanner-2.21

fast-classpath-scanner-2.4.0

fast-classpath-scanner-2.4.1

fast-classpath-scanner-2.4.2

fast-classpath-scanner-2.4.3

fast-classpath-scanner-2.4.4

fast-classpath-scanner-2.4.5

fast-classpath-scanner-2.4.6

fast-classpath-scanner-2.4.7

fast-classpath-scanner-2.6.0

fast-classpath-scanner-2.6.1

fast-classpath-scanner-2.6.2

fast-classpath-scanner-2.7.0

fast-classpath-scanner-2.7.1

fast-classpath-scanner-2.7.2

fast-classpath-scanner-2.7.3

fast-classpath-scanner-2.7.4

fast-classpath-scanner-2.7.5

fast-classpath-scanner-2.8.0

fast-classpath-scanner-2.8.1

fast-classpath-scanner-2.8.2

fast-classpath-scanner-2.9.0

fast-classpath-scanner-2.9.1

fast-classpath-scanner-2.9.2

fast-classpath-scanner-2.9.3

fast-classpath-scanner-2.9.4

fast-classpath-scanner-2.9.5

fast-classpath-scanner-3.*

fast-classpath-scanner-3.0.0

fast-classpath-scanner-3.0.1

fast-classpath-scanner-3.0.2

fast-classpath-scanner-3.0.3

fast-classpath-scanner-3.1.0

fast-classpath-scanner-3.1.1

fast-classpath-scanner-3.1.10

fast-classpath-scanner-3.1.11

fast-classpath-scanner-3.1.12

fast-classpath-scanner-3.1.2

fast-classpath-scanner-3.1.3

fast-classpath-scanner-3.1.4

fast-classpath-scanner-3.1.5

fast-classpath-scanner-3.1.6

fast-classpath-scanner-3.1.7

fast-classpath-scanner-3.1.8

fast-classpath-scanner-3.1.9

fast-classpath-scanner-4.*

fast-classpath-scanner-4.0.0-beta-1

fast-classpath-scanner-4.0.0-beta-10

fast-classpath-scanner-4.0.0-beta-2

fast-classpath-scanner-4.0.0-beta-3

fast-classpath-scanner-4.0.0-beta-4

fast-classpath-scanner-4.0.0-beta-5

fast-classpath-scanner-4.0.0-beta-6

fast-classpath-scanner-4.0.0-beta-7

fast-classpath-scanner-4.0.0-beta-8

fast-classpath-scanner-4.0.0-beta-9

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/classgraph/classgraph/commit/681362ad6b0b9d9abaffb2e07099ce54d7a41fa3",
        "id": "CVE-2021-47621-963229eb",
        "signature_version": "v1",
        "target": {
            "file": "src/main/java/nonapi/io/github/classgraph/utils/VersionFinder.java"
        },
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "274405623184421320376268781625953359244",
                "282591469263131286186584040430234685695",
                "153878324331847761190885344231132998103",
                "274818735539833088704486905756421930395",
                "193786937226721481591397175603913741867",
                "169754589749926577485717095207966114942",
                "66150921585927898964861242406203645812",
                "190308979376818983407579143672891408356",
                "26914794157333832989351644473856348656",
                "202456522961799266439553908802448152929",
                "105670435135899808859811894620302658108",
                "110207521660578745533923795860452489634",
                "91951880655555352804126249988943487290",
                "119564359734902751925697865336531364338"
            ],
            "threshold": 0.9
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/classgraph/classgraph/commit/681362ad6b0b9d9abaffb2e07099ce54d7a41fa3",
        "id": "CVE-2021-47621-a6c3de66",
        "signature_version": "v1",
        "target": {
            "function": "getVersion",
            "file": "src/main/java/nonapi/io/github/classgraph/utils/VersionFinder.java"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "48319891940467277997500503794085481961",
            "length": 1781.0
        }
    }
]