org.mapfish.print:print-servlet (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.mapfish.print:print-servlet, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2020-15232 — CVSS 9.3 (critical): In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style.
CVE-2026-44672: mapfish-print is a component of MapFish for printing templated cartographic maps. From 3.23.0 to before 3.28.28, 3.30.30, 3.31.22, 3.33.14…