Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mpxj Security Vulnerabilities

cve
cve

CVE-2022-41954

MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of File.createTempFile(..) results in temporary files being created with the permissions -rw-r--r--. This means that any...

3.3CVSS

3.7AI Score

0.0004EPSS

2022-11-25 07:15 PM
49
12
cve
cve

CVE-2020-35460

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary...

5.3CVSS

5.6AI Score

0.001EPSS

2020-12-14 11:15 PM
64
4
cve
cve

CVE-2020-25020

MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader...

9.8CVSS

9.3AI Score

0.002EPSS

2020-08-29 07:15 PM
53
2