Medium severity6.5NVD Advisory· Published Dec 20, 2018· Updated Jun 17, 2026
CVE-2018-1000840
CVE-2018-1000840
Description
Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE) vulnerability in loadXML() function that can result in An attacker can read arbitrary files and exfiltrate their contents via HTTP requests. This attack appear to be exploitable via The victim must use Processing to parse a crafted XML document.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=3.4+ 1 more
- (no CPE)range: <=3.4
- (no CPE)range: <=3.4
Patches
Vulnerability mechanics
References
2- github.com/processing/processing/issues/5706nvdExploitPatchThird Party Advisory
- twitter.com/ben_fry/status/1054333613465059329nvdThird Party Advisory
News mentions
0No linked articles in our index yet.