exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-14949

около 8 лет назад

Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.

CVSS3: 7.5

EPSS: Низкий

CVE-2017-14949

больше 8 лет назад

Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.

CVSS3: 7

EPSS: Низкий

CVE-2017-14949

около 8 лет назад

Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.

CVSS3: 7.5

EPSS: Низкий

CVE-2017-14949

около 8 лет назад

Restlet Framework before 2.3.12 allows remote attackers to access arbi ...

CVSS3: 7.5

EPSS: Низкий

GHSA-cvj4-g3gx-8vqq

больше 7 лет назад

Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-14949 Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.	CVSS3: 7.5	1% Низкий	около 8 лет назад
CVE-2017-14949 Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.	CVSS3: 7	1% Низкий	больше 8 лет назад
CVE-2017-14949 Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities (not parameter external entities) are properly considered. This is related to XmlRepresentation, DOMRepresentation, SaxRepresentation, and JacksonRepresentation.	CVSS3: 7.5	1% Низкий	около 8 лет назад
CVE-2017-14949 Restlet Framework before 2.3.12 allows remote attackers to access arbi ...	CVSS3: 7.5	1% Низкий	около 8 лет назад
GHSA-cvj4-g3gx-8vqq Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request	CVSS3: 7.5	1% Низкий	больше 7 лет назад

Уязвимостей на страницу