Vulnerabilities in CycloneDX
4 resultsCVE-2022-24774HIGHImproper Input Validation leading to Path Traversal in CycloneDX BOM Repository ServerEPSS 1.4%CVE-2024-34345HIGH@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerabilityEPSS 0.9%CVE-2024-38374HIGHImproper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-javaEPSS 0.6%CVE-2025-64518HIGHCycloneDX Core (Java): BOM validation is vulnerable to XML External Entity injectionEPSS 0.3%