Critical severityNVD Advisory· Published Dec 11, 2018· Updated Sep 16, 2024
CVE-2018-20059
CVE-2018-20059
Description
jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ro.pippo:pippo-coreMaven | < 1.12.0 | 1.12.0 |
Affected products
1Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-rmm5-g63h-m6g9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-20059ghsaADVISORY
- github.com/pippo-java/pippo/commit/9f36e5891c0b11f840e1e1561ae96d83ba9ce759ghsaWEB
- github.com/pippo-java/pippo/issues/486ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.