ome:pom-bio-formats
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting ome:pom-bio-formatspage 1 of 1
- CVE-2026-22186MEDIUMCVSS 4.6EG 7.12026-01-07
Bio-Formats versions up to and including 8.3.0 contain an XML External Entity (XXE) vulnerability in the Leica Microsystems metadata parsing component (e.g., XLEF). The parser uses an insecurely configured DocumentBuilderFactory when proce…
- CVE-2026-22187HIGHCVSS 7.8EG 7.82026-01-07
Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker-controlled memoization cache files (.bfmemo) during image processing. The loci.formats.Memoizer class automatically loads and deserializes memo …
Check whether ome:pom-bio-formats is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for ome:pom-bio-formats CVEs against the assets you own.
Start Free Scan →