Количество 3
Количество 3
CVE-2016-8739
The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use Apache Abdera Parser which expands XML entities by default which represents a major XXE risk.
CVE-2016-8739
The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use Apache Abdera Parser which expands XML entities by default which represents a major XXE risk.
GHSA-x7xf-253v-x3w8
Improper Restriction of XML External Entity Reference in Apache CXF JAX-RS
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-8739 The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use Apache Abdera Parser which expands XML entities by default which represents a major XXE risk. | CVSS3: 6.5 | 3% Низкий | около 9 лет назад |
 | CVE-2016-8739 The JAX-RS module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 provides a number of Atom JAX-RS MessageBodyReaders. These readers use Apache Abdera Parser which expands XML entities by default which represents a major XXE risk. | CVSS3: 7.5 | 3% Низкий | больше 8 лет назад |
| GHSA-x7xf-253v-x3w8 Improper Restriction of XML External Entity Reference in Apache CXF JAX-RS | CVSS3: 7.5 | 3% Низкий | больше 3 лет назад |
Уязвимостей на страницу