Maven package
org.restlet.jse/org.restlet.ext.jaxrs
pkg:maven/org.restlet.jse/org.restlet.ext.jaxrs
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-14868 | Hig | 7.5 | < 2.3.11 | 2.3.11 | Nov 30, 2017 | Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension. |
- affected < 2.3.11fixed 2.3.11
Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.