Search for packages
| purl | pkg:maven/org.codelibs.fess/fess@10.2.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j56-crd4-z3hw
Aliases: CVE-2025-48382 GHSA-g88v-2j67-9rmx |
Fess has Insecure Temporary File Permissions Fess (an open-source Enterprise Search Server) creates temporary files without restrictive permissions, which may allow local attackers to read sensitive information from these temporary files. |
Affected by 0 other vulnerabilities. |
|
VCID-yk6z-wgcu-4bga
Aliases: CVE-2018-1000822 GHSA-77hp-pfxw-4w63 |
Improper Restriction of XML External Entity Reference The fess package contains an XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. |
Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T05:50:37.117830+00:00 | GitLab Importer | Affected by | VCID-1j56-crd4-z3hw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codelibs.fess/fess/CVE-2025-48382.yml | 38.6.0 |
| 2026-06-04T20:17:39.876587+00:00 | GitLab Importer | Affected by | VCID-yk6z-wgcu-4bga | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codelibs.fess/fess/CVE-2018-1000822.yml | 38.6.0 |
| 2026-06-04T18:24:03.243577+00:00 | GHSA Importer | Affected by | VCID-yk6z-wgcu-4bga | https://github.com/advisories/GHSA-77hp-pfxw-4w63 | 38.6.0 |