VYPR

rpm package

suse/dom4j&distro=SUSE Manager Server 3.0

pkg:rpm/suse/dom4j&distro=SUSE%20Manager%20Server%203.0

Vulnerabilities (1)

  • CVE-2018-1000632HigAug 20, 2018
    affected < 1.6.1-27.4.1fixed 1.6.1-27.4.1

    dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specify