{"id":"CVE-2022-41967","summary":"Improper Restriction of XML External Entity Reference in Dragonfly","details":"Dragonfly is a Java runtime dependency management library. Dragonfly v0.3.0-SNAPSHOT does not configure DocumentBuilderFactory to prevent XML external entity (XXE) attacks. This issue is patched in 0.3.1-SNAPSHOT. As a workaround, since Dragonfly only parses XML `SNAPSHOT` versions are being resolved, this vulnerability may be avoided by not trying to resolve `SNAPSHOT` versions.","aliases":["GHSA-6x3m-96qp-mmxv"],"modified":"2026-04-12T03:22:17.373136Z","published":"2022-12-27T23:45:00.786Z","database_specific":{"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/41xxx/CVE-2022-41967.json","cwe_ids":["CWE-611"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/41xxx/CVE-2022-41967.json"},{"type":"ADVISORY","url":"https://github.com/HyperaDev/Dragonfly/security/advisories/GHSA-6x3m-96qp-mmxv"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41967"},{"type":"FIX","url":"https://github.com/HyperaDev/Dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hyperadev/dragonfly","events":[{"introduced":"0"},{"fixed":"9661375e1135127ca6cdb5712e978bec33cc06b3"}]},{"type":"GIT","repo":"https://github.com/hyperadev/dragonfly","events":[{"introduced":"0"},{"fixed":"9661375e1135127ca6cdb5712e978bec33cc06b3"}]}],"database_specific":{"vanir_signatures_modified":"2026-04-12T03:22:17Z","vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["254576599227179325954240792101151917118","256963640237095327825149326847335334684","100079141728574520828556294836737939148","145854102419578991687742641861337949092","233367396376681832715517392168016342914","129950409817987804310831286246670606267","90640573909269645561379145115608102544","79429793088195272841839592135495250353","53258020426931731579177011457527797811","4128289647828995478096311138853233452","246599650755806948616610807831888008634","291032734582313168735478911734116311094","155058775305035158926720447400330840559","312173307722501851465730760548651688193","155169686966208095023572827098537648600","133968563387242372499085328857915887269","311289638055619475065755735416113947990","120734374284162670920480751035333540","315295580749846477169621483177592626864","43843310530188149807607282073631660620","24750311216572442933472541536255962495"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/resolvers/impl/MavenSnapshotResolver.java"},"signature_version":"v1","id":"CVE-2022-41967-066657b9","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"192295666854282997061806897650314482158","length":112},"deprecated":false,"target":{"function":"DownloadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DownloadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-0d75f52f","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"1955643759067192012195115322759800260","length":1121},"deprecated":false,"target":{"function":"load","file":"src/main/java/dev/hypera/dragonfly/Dragonfly.java"},"signature_version":"v1","id":"CVE-2022-41967-0dfab864","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["100781993266045143094055949855439796207","15333314773033828105781444928029003822","314847156701108322760159955257853299180","195356618571684160355950675660103117350","265418909316599516766867503260135489316"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/downloaders/impl/MavenDownloader.java"},"signature_version":"v1","id":"CVE-2022-41967-0f3d03f1","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["198320315499676963737670202573706657617","315594701867015500421942874387561125185","172385917812476754032838271464572563335","292216071146533453822620064501621024492","150986447929291787809298514969304312109","185141102026551308612915517259171256051","130285280703860564553951014592925597078","98627732582863896424657503819660773323","38160308571488622016345093334310365185","54895142073017278107490903365985256398","51927916336091194940795517918299278682","150953200695019726295449288479503705709","160639282172512302739906301137718864118","259654431706906848202482783762467240155","46827436389047318453389963781200950307"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/exceptions/LoadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-11a78a93","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"192295666854282997061806897650314482158","length":112},"deprecated":false,"target":{"function":"ResolveFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/ResolveFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-20c97277","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"189082468535516669982665348719894321556","length":88},"deprecated":false,"target":{"function":"DependencyLoader","file":"src/main/java/dev/hypera/dragonfly/loading/DependencyLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-2517e804","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["62237796667485942088121295800513287557","12350376096521658744758489987924240525","81842759338132983460733707032234290545","99876742061383009503028150435561920909","257756491004435263263850198172504121071","1375123658128030720841227032968667513","241587651004871888254419383851123055441","325892646362059841428986642825003005169","153839283356324955276962464057551174499","90934998865117133641435688735115599309","196676461512572081412979433280607163060","197585206820856262012972145943711839601","313802691429755371233074515426269969457","107443471523873858515141593646929619726","271527836752845150484952002189568006357"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/exceptions/ResolveFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-2905791d","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"192295666854282997061806897650314482158","length":112},"deprecated":false,"target":{"function":"DragonflyException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DragonflyException.java"},"signature_version":"v1","id":"CVE-2022-41967-29c37ec0","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["330681771538004224780987098428412550385","244702243142851488011562013685759816368","176104980981094178877135875673306082810","56758809189526231979807120536866987927","63951775032791063839684910349609805386","75640841722598446465397598821168684831","233420636291593632256140521378971924505","297346110081429373526271396762147581494","195674876917791535404076827249508761436","93419530350917520820180424565285472243","219499154963111652804421699358347806358","210749681364908895131587340716515698224","141474734262099652593802475837446870158","12868021351070637978007563181028051814","99430832409013490050122688218924710703","315589967383830632754361874932839295176","57848085273411482306450123557430538934"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/loading/DependencyLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-2c680dd3","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"323474198967912703782123198624635388055","length":301},"deprecated":false,"target":{"function":"loadClass","file":"src/main/java/dev/hypera/dragonfly/loading/DragonflyClassLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-363f6996","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"ResolveFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/ResolveFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-3837cfe6","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"LoadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/LoadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-38419279","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["53261937014234383665471040836430573517","158143479383668086614313949382862719186","262718263090416669659303590330681415480","261232348123871650621723631836956159344","5348365030191001685071847631937118743","86517153371940775038595314441903384539","24645946863142620932906329645547542961","233444562574790132278132547888896731429","171138873947623841713582091429760859344","331699761449931931416803702396190205903","254268269660668119783312438777350148803","175661520382842030167795981687356917321","104241987537422917348346361615932298019","267002364295950950162515657057957940719","282344665896191874676718353229506054402"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/relocation/DependencyRelocator.java"},"signature_version":"v1","id":"CVE-2022-41967-38f9fc27","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["333521910502070179682886402402848876315","200183642706635529351283953246546561628","134461286738770201912437046186316786171","71882163044434571896841256419080008309","130435799692421322082281635937236646702","4723844837118809811021418869849684053","236203554631572508709737737486837538598"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/DragonflyBuilder.java"},"signature_version":"v1","id":"CVE-2022-41967-3d72109e","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"DragonflyException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DragonflyException.java"},"signature_version":"v1","id":"CVE-2022-41967-3ece1d6c","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"192295666854282997061806897650314482158","length":112},"deprecated":false,"target":{"function":"RelocationFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/RelocationFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-4f4d8707","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"RelocationFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/RelocationFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-4fff9ef7","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"DownloadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DownloadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-53926e95","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["114204480612961631364389496430244252575","246431631276172629706307609032344966509","51182238999491443695306744665755164921","303128721518189892598564701693286053072","334858243207989184501879314086114150313","137523997240740870238426033418984477598","132222560733039596533533788117368531695","8467553764554852404425839709340938679","190393201990028745884960574976822738190","140664521178318578626842157381019901165","35701528214564210123237878187927260691","164374423869467784105316865875852108883","209744528169451637688480551109766273716","35126990567929729659220526016393599406","24239029743845360329380090274944811880"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/loading/DragonflyClassLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-5db3677a","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["129977687250333114960812510457206638893","133976793848285099358022518923586928633","89617876520784051414788866956750776550","314380167905521836366360572015632417855"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/resolvers/impl/MavenResolver.java"},"signature_version":"v1","id":"CVE-2022-41967-68cf0e32","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["323637743781191815278509649557433926931","133761919998031333827740098097059752654","121757751973721245839265829431345951557","247093318184107613187232316198537053030","23873632277800662120099713915385171087","235980429476466595158704846830127911576","214387812259576617018725345675255346403","66302977940576818311767710805283945063","76021076777866371783093017339915519662","100169671131406541822742518394105901891","95927205543627646761519026769412316144","72823786306574294094588239366475439241","16354142744100103351880380678303542347","39148284485397608400272047195058831445","181982098539447364150752625114519529198","123293838481705358175570881689445127148","222251330582884165643610257569832715159","130715079803433257901930654843970090911","178348816193834728346226280141308531882","86489993579960464415944126451284732824","93544923704165666143420757147835663913","147003875236874547503244324234664594225","298782712531647650269704005388059190562","312271982199844530098268684330604724789","285460872806987352943712602335187556981","147691902451443758793404637444751243860","48470871105815816468680390977133365868","212176722463210946884205118580992279616","188786433215079107205024461998876466811","250393757948049319858403555463352237635","8303138010282536196884378138097230515"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/Dragonfly.java"},"signature_version":"v1","id":"CVE-2022-41967-6cbd6460","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"RelocationFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/RelocationFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-6efe2447","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"329843847068552324655743178063563805308","length":68},"deprecated":false,"target":{"function":"DragonflyException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DragonflyException.java"},"signature_version":"v1","id":"CVE-2022-41967-73b830cd","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"329843847068552324655743178063563805308","length":68},"deprecated":false,"target":{"function":"ResolveFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/ResolveFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-782343b0","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"294990349051064677063465174132769136127","length":115},"deprecated":false,"target":{"function":"Relocation","file":"src/main/java/dev/hypera/dragonfly/relocation/Relocation.java"},"signature_version":"v1","id":"CVE-2022-41967-806a77ec","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["26992183011477979128000655555363029186","55291897529274143422242441402010626567","154863456233278689741844484665727644106","213090779201821584029086583906562945206","300031039681315774457016374021928059145","144572037157806421890668896622084920166","285286410663062406663203021606833394760","157311231878398065234551638836523549479","317348084385256219814350325291671853157","30413209644192101299522064020998999984","152759474627700368687285694560328757959","150735501389807949292664251978559761961","75150052495430452616347854225048566869"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/relocation/Relocation.java"},"signature_version":"v1","id":"CVE-2022-41967-9460d2d3","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["174573592903199936208418049543945852569","85100367808479984717857001107110069712","227693360946243376710637151135061934580","254419788377760545323888527525958651329","34312976154982637056385224589733305316","218571495467966673669101688426438843842","196617568116008538095014426860509761853","243278228829577435499241065613941891402","153052829432302593598758453856498991348","216725455196515987756398890200840477669","85886334516245410549711844041685428379","303979265343467481167841979179313938284","145617015109774123106286442275991541456","187285907885424029567741831008827542996","183325934163946268155350648582828950540"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/exceptions/RelocationFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-9bbb9097","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"329843847068552324655743178063563805308","length":68},"deprecated":false,"target":{"function":"DownloadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DownloadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-9f11fb89","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["92008897726986293849802283114477354948","102420689934595512209325136443183733121","293067998379903288438989635737704740519","243031035649328903380232599389010289041","144909945553870649283025204026542412314","140498163213532303356754988242664894019","155215836680317160305366648457975844458","232170011689226788665460171002081843837","159069983376959182504496116943666617006","131939036346832730455628452367440081310","320785984199565351714736386510734501051","236540647664393615909048079443674265864","125719988925288772086432223728589935999","229303998313987770755659334364455318491","95837095347032439727239444521358450073"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/exceptions/DragonflyException.java"},"signature_version":"v1","id":"CVE-2022-41967-b1dd0ad5","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"278885497424031204065082886457850769278","length":125},"deprecated":false,"target":{"function":"load","file":"src/main/java/dev/hypera/dragonfly/loading/DependencyLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-b411662e","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"123140810469082313136350441099868919857","length":67},"deprecated":false,"target":{"function":"DragonflyClassLoader","file":"src/main/java/dev/hypera/dragonfly/loading/DragonflyClassLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-b5f34007","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"142822271486561328582783386294686004084","length":1303},"deprecated":false,"target":{"function":"resolve","file":"src/main/java/dev/hypera/dragonfly/resolvers/impl/MavenSnapshotResolver.java"},"signature_version":"v1","id":"CVE-2022-41967-b8094072","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"ResolveFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/ResolveFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-be21284c","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"148864651116114388334509377755089178351","length":231},"deprecated":false,"target":{"function":"DependencyRelocator","file":"src/main/java/dev/hypera/dragonfly/relocation/DependencyRelocator.java"},"signature_version":"v1","id":"CVE-2022-41967-c1a15f16","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"329843847068552324655743178063563805308","length":68},"deprecated":false,"target":{"function":"LoadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/LoadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-c31dbcc5","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"192295666854282997061806897650314482158","length":112},"deprecated":false,"target":{"function":"LoadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/LoadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-cc9919a5","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"97638338110788014445327403786247247325","length":63},"deprecated":false,"target":{"function":"addURL","file":"src/main/java/dev/hypera/dragonfly/loading/DragonflyClassLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-cd593c7e","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"threshold":0.9,"line_hashes":["105554442351277553831130811862277635961","50996338760019937682114660045132872267","322287306536664520757186167153275707742","248777568704316954607900632641823377029","293586919169596198247147670887715635340","80038653885716397719543747867293760545","306894906151701467297345209627579531641","67645921907935486777317843362717898620","87815165486644975239617459338081626776","145318350702038767060081138768520278910","125124350705285381994859114057257524760","177658827531727828227883648749025740662","296240668749613444994318691946711700507","190931786924869473121960479333057078352","249711462918133520482082976858569343710"]},"deprecated":false,"target":{"file":"src/main/java/dev/hypera/dragonfly/exceptions/DownloadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-cffd1c06","signature_type":"Line","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"103264899364409343499266871376253642201","length":245},"deprecated":false,"target":{"function":"load","file":"src/main/java/dev/hypera/dragonfly/loading/DependencyLoader.java"},"signature_version":"v1","id":"CVE-2022-41967-d22ec348","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"DownloadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DownloadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-d64199c9","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"DragonflyException","file":"src/main/java/dev/hypera/dragonfly/exceptions/DragonflyException.java"},"signature_version":"v1","id":"CVE-2022-41967-d901a52b","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"329843847068552324655743178063563805308","length":68},"deprecated":false,"target":{"function":"RelocationFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/RelocationFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-e58a7321","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"},{"digest":{"function_hash":"235811019879431439277195957215880491234","length":46},"deprecated":false,"target":{"function":"LoadFailureException","file":"src/main/java/dev/hypera/dragonfly/exceptions/LoadFailureException.java"},"signature_version":"v1","id":"CVE-2022-41967-fc369e26","signature_type":"Function","source":"https://github.com/hyperadev/dragonfly/commit/9661375e1135127ca6cdb5712e978bec33cc06b3"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41967.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"}]}