漏洞标题
Java-XMLBuilder XML外部实体引用
漏洞描述信息
在java-xmlbuilder up to 1.1中发现了一个漏洞,它被评估为有问题。受到影响的是某些未知功能。该操作会导致xml外部实体引用。升级到版本1.2可以解决这个问题。该补丁的名称为e6fddca201790abab4f2c274341c0bb8835c3e73。建议升级受影响的组件。这个漏洞的标识符是VDB-221480。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
java-xmlbuilder xml external entity reference
漏洞描述信息
A vulnerability was found in java-xmlbuilder up to 1.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to xml external entity reference. Upgrading to version 1.2 is able to address this issue. The name of the patch is e6fddca201790abab4f2c274341c0bb8835c3e73. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-221480.
CVSS信息
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞类别
XML外部实体引用的不恰当限制(XXE)
漏洞标题
java-xmlbuilder 代码问题漏洞
漏洞描述信息
java-xmlbuilder是James Murty个人开发者的一个实用程序。允许使用相对稀疏的 Java 代码构建简单的 XML 文档。 java-xmlbuilder 1.1之前版本存在代码问题漏洞,该漏洞源于存在未知功能, 导致 xml 外部实体引用。
CVSS信息
N/A
漏洞类别
代码问题