exploitDog

CVE-2018-14065

Опубликовано: 15 июл. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

XMLReader.php in PHPOffice Common before 0.2.9 allows XXE.

Ссылки

https://github.com/PHPOffice/Common/pull/23
Third Party Advisory
https://github.com/PHPOffice/Common/releases/tag/0.2.9
Third Party Advisory
https://github.com/PHPOffice/PHPWord/issues/1421
Third Party Advisory
https://github.com/PHPOffice/Common/pull/23
Third Party Advisory
https://github.com/PHPOffice/Common/releases/tag/0.2.9
Third Party Advisory
https://github.com/PHPOffice/PHPWord/issues/1421
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpoffice_project:common:*:*:*:*:*:*:*:*

Версия до 0.2.9 (исключая)

EPSS

Процентиль: 61%

0.00418

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-611

Связанные уязвимости

GHSA-2853-hf2g-9843

CVSS3: 9.8

github

больше 3 лет назад

PHPOffice Common Improper Restriction of XML External Entity Reference

EPSS

Процентиль: 61%

0.00418

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-611