4 matches found
EUVD-2025-30440
Malicious code in bioql PyPI...
GHSA-JJWR-5CFH-7XWH DSpace is vulnerable to XML External Entity injection during archive imports
Impact Two related XXE injection possibilities have been discovered, impacting all versions of DSpace prior to 7.6.4, 8.2 and 9.1. 1. External entities are not disabled when parsing XML files during import of an archive in Simple Archive Format, either from command-line ./dspace import command or...
CVE-2025-53621 DSpace vulnerable to XML External Entity (XXE) injection in import via Simple Archive Format (SAF) or import from external sources
DSpace open source software is a repository application which provides durable access to digital resources. Two related XML External Entity XXE injection possibilities impact all versions of DSpace prior to 7.6.4, 8.2, and 9.1. External entities are not disabled when parsing XML files during impo...
Fedora 41 : guacamole-server (2025-c597fcda32)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c597fcda32 advisory. Apache Guacamole 1.6.0 User interface / platform Add the ability to specify separate permissions for History and Active sessions tabs GUACAMOLE-538...