exploitDog

GHSA-wjp3-qmqc-27mc

Опубликовано: 21 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call.

The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call.

Ссылки

EPSS

Процентиль: 42%

0.00198

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2021-43990

CVSS3: 6.1

nvd

почти 4 года назад

The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call.

EPSS

Процентиль: 42%

0.00198

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611