Vulnerabilities > Mpxj

DATE CVE VULNERABILITY TITLE RISK
2022-11-25 CVE-2022-41954 Unspecified vulnerability in Mpxj
MPXJ is an open source library to read and write project plans from a variety of file formats and databases.
local
low complexity
mpxj
3.3
2020-12-14 CVE-2020-35460 Path Traversal vulnerability in multiple products
common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.
network
low complexity
mpxj oracle CWE-22
5.3
2020-08-29 CVE-2020-25020 XXE vulnerability in multiple products
MPXJ through 8.1.3 allows XXE attacks.
network
low complexity
mpxj oracle CWE-611
critical
9.8