VYPR

CWE-611

Improper Restriction of XML External Entity Reference

Abstraction: Base / Status: Draft

Description

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-221

CVEs mapped to this weakness (684)

page 33 of 35
  • CVE-2019-9658 (Mar 11, 2019)
    risk 0.00 | cvss: not listed | epss 0.04

    Checkstyle before 8.18 loads external DTDs by default.

  • CVE-2019-7722 (Feb 11, 2019)
    risk 0.00 | cvss: not listed | epss 0.01

    PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers who tamper with those files (either by direct modification or by MITM attacks when remote rulesets are used) to perform information disclosure, denial of service, or…

  • CVE-2019-1003015 (Feb 6, 2019)
    risk 0.00 | cvss: not listed | epss 0.02

    An XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers with the ability to control the HTTP server (Jenkins) queried in preparation of…

  • CVE-2019-3774 (Jan 18, 2019)
    risk 0.00 | cvss: not listed | epss 0.03

    Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

  • CVE-2019-3773 (Jan 18, 2019)
    risk 0.00 | cvss: not listed | epss 0.04

    Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

  • CVE-2019-3772 (Jan 18, 2019)
    risk 0.00 | cvss: not listed | epss 0.03

    Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

  • CVE-2018-11788 (Jan 7, 2019)
    risk 0.00 | cvss: not listed | epss 0.07

    Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by the XMLInputFactory class. Apache Karaf's use of XMLInputFactory doesn't contain any mitigation code against…

  • CVE-2019-5312 (Jan 4, 2019)
    risk 0.00 | cvss: not listed | epss 0.02

    An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318.

  • CVE-2018-14720 (Jan 2, 2019)
    risk 0.00 | cvss: not listed | epss 0.08

    FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

  • CVE-2018-20433 (Dec 24, 2018)
    risk 0.00 | cvss: not listed | epss 0.05

    c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.

  • CVE-2018-17247 (Dec 20, 2018)
    risk 0.00 | cvss: not listed | epss 0.01

    Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java Security Manager then an attacker could send a specially crafted request capable…

  • CVE-2018-1000836 (Dec 20, 2018)
    risk 0.00 | cvss: not listed | epss 0.01

    bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains an XML External Entity (XXE) vulnerability in the IscheduleClient XML parser that can result in disclosure of confidential data, denial of service, SSRF, and port scanning. This attack appears to be exploitable via Man in…

  • CVE-2018-1000823 (Dec 20, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    exist version <= 5.0.0-RC4 contains an XML External Entity (XXE) vulnerability in the XML parser for the REST Server that can result in disclosure of confidential data, denial of service, SSRF, and port scanning.

  • CVE-2018-1000820 (Dec 20, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains an XML External Entity (XXE) vulnerability in the XML parser that can result in disclosure of confidential data, denial of service, SSRF, and port scanning. This vulnerability appears to have been fixed in after…

  • CVE-2018-1000822 (Dec 20, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    codelibs fess version before commit faa265b contains an XML External Entity (XXE) vulnerability in the GSA XML file parser that can result in disclosure of confidential data, denial of service, SSRF, and port scanning. This attack appears to be exploitable via a specially crafted GSA XML…

  • CVE-2018-1000844 (Dec 20, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    Square Open Source Retrofit, versions prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437, contains an XML External Entity (XXE) vulnerability in JAXB that an attacker could use to remotely read files from the file system or to perform SSRF. This…

  • CVE-2018-20059 (Dec 11, 2018)
    risk 0.00 | cvss: not listed | epss 0.01

    jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.

  • CVE-2018-20000 (Dec 10, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java.

  • CVE-2018-17186 (Nov 6, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    An administrator with workflow definition entitlements can use a DTD to perform malicious operations, including but not limited to file read, file write, and code execution.

  • CVE-2018-12544 (Oct 10, 2018)
    risk 0.00 | cvss: not listed | epss 0.02

    In versions from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defenses against XML attacks. This mechanism is used exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a…