VYPR

Mastro

by OBDA systems

CVEs (2)

  • CVE-2021-40511HigJun 21, 2022
    risk 0.49cvss 7.5epss 0.01

    OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.

  • CVE-2021-40510HigJun 21, 2022
    risk 0.49cvss 7.5epss 0.01

    XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.