Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-23926

Опубликовано: 14 янв. 2021
Источник: debian
EPSS Низкий

Описание

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
xmlbeansfixed3.0.2-1package

Примечания

  • https://issues.apache.org/jira/browse/XMLBEANS-517

EPSS

Процентиль: 55%
0.00322
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-23926

CVSS3: 9.1
ubuntu
около 5 лет назад

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.

redhat логотип

CVE-2021-23926

CVSS3: 7.4
redhat
около 5 лет назад

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.

nvd логотип

CVE-2021-23926

CVSS3: 9.1
nvd
около 5 лет назад

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.

suse-cvrf логотип

SUSE-SU-2022:3876-1

suse-cvrf
больше 3 лет назад

Security update for xmlbeans

suse-cvrf логотип

SUSE-SU-2022:3875-1

suse-cvrf
больше 3 лет назад

Security update for xmlbeans

EPSS

Процентиль: 55%
0.00322
Низкий