cyclonedx-core-java — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in cyclonedx-core-java, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-64518	CycloneDX Core (Java): BOM validation is vulnerable to XML External Entity injection CWE-611	7.5	High	2025-11-10
CVE-2024-38374	Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java CWE-611	7.5	High	2024-06-28

All 2 known CVE vulnerabilities affecting cyclonedx-core-java with full Chinese analysis, references, and POCs where available.