Unrated severityOSV Advisory· Published Jul 29, 2022· Updated Aug 3, 2024
CVE-2022-2414
CVE-2022-2414
Description
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20- osv-coords19 versionspkg:rpm/almalinux/idm-pki-acmepkg:rpm/almalinux/idm-pki-basepkg:rpm/almalinux/idm-pki-base-javapkg:rpm/almalinux/idm-pki-capkg:rpm/almalinux/idm-pki-krapkg:rpm/almalinux/idm-pki-serverpkg:rpm/almalinux/idm-pki-symkeypkg:rpm/almalinux/idm-pki-toolspkg:rpm/almalinux/ldapjdk-javadocpkg:rpm/almalinux/pki-acmepkg:rpm/almalinux/pki-basepkg:rpm/almalinux/pki-base-javapkg:rpm/almalinux/pki-capkg:rpm/almalinux/pki-krapkg:rpm/almalinux/pki-serverpkg:rpm/almalinux/pki-symkeypkg:rpm/almalinux/pki-toolspkg:rpm/almalinux/python3-idm-pkipkg:rpm/almalinux/python3-pki
< 10.12.0-4.module_el8.7.0+3316+50b99934+ 18 more
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 4.23.0-1.module_el8.6.0+2764+9fc58d50
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 11.0.6-2.el9_0
- (no CPE)range: < 10.12.0-4.module_el8.7.0+3316+50b99934
- (no CPE)range: < 11.0.6-2.el9_0
Patches
Vulnerability mechanics
References
1- github.com/dogtagpki/pki/pull/4021mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.