GHSA-v2xm-76pq-phcf

Source
https://github.com/advisories/GHSA-v2xm-76pq-phcf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-v2xm-76pq-phcf/GHSA-v2xm-76pq-phcf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-v2xm-76pq-phcf
Aliases
Related
Published
2024-06-21T06:31:12Z
Modified
2024-06-25T02:34:01.955562Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Summary
ClassGraph XML External Entity Reference
Details

ClassGraph before 4.8.112 was not resistant to XML eXternal Entity (XXE) attacks.

Database specific
{
    "nvd_published_at": "2024-06-21T06:15:10Z",
    "cwe_ids": [
        "CWE-611"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-21T15:06:26Z"
}
References

Affected packages

Maven / io.github.classgraph:classgraph

Package

Name
io.github.classgraph:classgraph
Purl
pkg:maven/io.github.classgraph/classgraph

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.8.112

Affected versions

4.*

4.0.0-beta-11
4.0.0-beta-12
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.1.0
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.2.8
4.2.9
4.2.10
4.2.11
4.2.12
4.3.0
4.3.1
4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5
4.4.6
4.4.7
4.4.8
4.4.9
4.4.10
4.4.11
4.4.12
4.6.0
4.6.1
4.6.2
4.6.3
4.6.4
4.6.5
4.6.6
4.6.7
4.6.8
4.6.9
4.6.10
4.6.11
4.6.12
4.6.13
4.6.14
4.6.15
4.6.16
4.6.17
4.6.18
4.6.19
4.6.20
4.6.21
4.6.22
4.6.23
4.6.24
4.6.25
4.6.26
4.6.27
4.6.28
4.6.29
4.6.30
4.6.31
4.6.32
4.8.0
4.8.1
4.8.2
4.8.3
4.8.4
4.8.5
4.8.6
4.8.7
4.8.8
4.8.9
4.8.10
4.8.11
4.8.12
4.8.13
4.8.14
4.8.15
4.8.16
4.8.17
4.8.19
4.8.20
4.8.21
4.8.22
4.8.23
4.8.24
4.8.25
4.8.26
4.8.27
4.8.28
4.8.29
4.8.30
4.8.31
4.8.32
4.8.33
4.8.34
4.8.35
4.8.36
4.8.37
4.8.38
4.8.39
4.8.40
4.8.41
4.8.42
4.8.43
4.8.44
4.8.45
4.8.46
4.8.47
4.8.48
4.8.49
4.8.50
4.8.51
4.8.52
4.8.53
4.8.54
4.8.55
4.8.56
4.8.57
4.8.58
4.8.59
4.8.60
4.8.61
4.8.62
4.8.63
4.8.64
4.8.65
4.8.66
4.8.67
4.8.68
4.8.69
4.8.70
4.8.71
4.8.72
4.8.73
4.8.74
4.8.75
4.8.76
4.8.77
4.8.78
4.8.79
4.8.80
4.8.81
4.8.82
4.8.83
4.8.84
4.8.85
4.8.86
4.8.87
4.8.88
4.8.89
4.8.90
4.8.91
4.8.92
4.8.93
4.8.94
4.8.95
4.8.96
4.8.97
4.8.98
4.8.100
4.8.101
4.8.102
4.8.103
4.8.104
4.8.105
4.8.106
4.8.107
4.8.108
4.8.109
4.8.110
4.8.111