exploitDog

GHSA-p8cc-4954-r7hw

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.

Ссылки

EPSS

Процентиль: 81%

0.01558

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2017-9095

CVSS3: 5.5

nvd

больше 8 лет назад

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.

EPSS

Процентиль: 81%

0.01558

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611