VYPR
Unrated severityNVD Advisory· Published Feb 6, 2008· Updated Jun 16, 2026

CVE-2008-0628

CVE-2008-0628

Description

The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.