Critical severity9.1NVD Advisory· Published Nov 17, 2017· Updated Jun 17, 2026
CVE-2017-1000190
CVE-2017-1000190
Description
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.simpleframework:simple-xmlMaven | < 2.7.1 | 2.7.1 |
Affected products
1Patches
Vulnerability mechanics
References
9- github.com/ngallagher/simplexml/issues/18nvdExploitIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-f5qf-vh69-9q4rghsaADVISORY
- lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3EnvdMailing ListThird Party AdvisoryWEB
- lists.apache.org/thread.html/8c4ef27e2c0218f29e785990dc919266855aea137c958f10d242cb36%40%3Cdev.lucene.apache.org%3EnvdMailing ListThird Party AdvisoryWEB
- lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3EnvdMailing ListThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2017-1000190ghsaADVISORY
- lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3EghsaWEB
- lists.apache.org/thread.html/8c4ef27e2c0218f29e785990dc919266855aea137c958f10d242cb36@%3Cdev.lucene.apache.org%3EghsaWEB
- lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3EghsaWEB
News mentions
0No linked articles in our index yet.