VYPR
Moderate severityNVD Advisory· Published Oct 9, 2024· Updated Oct 9, 2024

Apache XML Graphics FOP: XML External Entity (XXE) Processing

CVE-2024-28168

Description

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP.

This issue affects Apache XML Graphics FOP: 2.9.

Users are recommended to upgrade to version 2.10, which fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.xmlgraphics:fop-coreMaven
< 2.102.10

Affected products

83

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.