CVE-2020-14940

Опубликовано: 23 июн. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%

0.00389

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-14940

CVSS3: 7.5

nvd

больше 5 лет назад

An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files.

CVE-2020-14940

CVSS3: 7.5

debian

больше 5 лет назад

An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar ...

GHSA-6ph8-rp44-5gqr

github

больше 3 лет назад

An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files.

EPSS

Процентиль: 59%

0.00389

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2020-14940

Описание

Пакет tuxguitar

Ссылки на источники

Связанные уязвимости