Описание
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 6%
0.00026
Низкий
5 Medium
CVSS3
Связанные уязвимости
CVSS3: 5
nvd
около 2 лет назад
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
CVSS3: 5
debian
около 2 лет назад
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content a ...
EPSS
Процентиль: 6%
0.00026
Низкий
5 Medium
CVSS3