Package details: pkg:maven/org.apache.cocoon/cocoon-core@2.3.0
purl pkg:maven/org.apache.cocoon/cocoon-core@2.3.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
| Vulnerability | Summary | Aliases |
| --- | --- | --- |
| VCID-485r-cgnv-8ygt | Improper Restriction of XML External Entity Reference vulnerability in Apache Cocoon. This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue. | CVE-2023-49733, GHSA-77jg-cpw9-73vg |
| VCID-e9gp-a2f2-kfdx | Apache Cocoon SQL Injection vulnerability. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Cocoon. This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue. | CVE-2022-45135, GHSA-8v4w-jr33-4rh3 |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
| --- | --- | --- | --- | --- | --- |
| 2026-06-02T04:46:28.964756+00:00 | GitLab Importer | Fixing | VCID-e9gp-a2f2-kfdx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cocoon/cocoon-core/CVE-2022-45135.yml | 38.6.0 |
| 2026-06-02T04:46:27.860494+00:00 | GitLab Importer | Fixing | VCID-485r-cgnv-8ygt | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.cocoon/cocoon-core/CVE-2023-49733.yml | 38.6.0 |