Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-14868

Опубликовано: 30 нояб. 2017
Источник: debian

Описание

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
restletitppackage

Связанные уязвимости

ubuntu логотип

CVE-2017-14868

CVSS3: 7.5
ubuntu
около 8 лет назад

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.

redhat логотип

CVE-2017-14868

CVSS3: 7.5
redhat
больше 8 лет назад

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.

nvd логотип

CVE-2017-14868

CVSS3: 7.5
nvd
около 8 лет назад

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.

github логотип

GHSA-2mp8-qvqm-3xwq

CVSS3: 7.5
github
больше 7 лет назад

Restlet Framework Ja-rs extension is vulnerable to XXE when using SimpleXMLProvider