exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2020-10683

почти 6 лет назад

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

CVSS3: 9.8

EPSS: Низкий

CVE-2020-10683

почти 6 лет назад

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

CVSS3: 7.4

EPSS: Низкий

CVE-2020-10683

почти 6 лет назад

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

CVSS3: 9.8

EPSS: Низкий

CVE-2020-10683

почти 6 лет назад

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and Ext ...

CVSS3: 9.8

EPSS: Низкий

openSUSE-SU-2020:0719-1

больше 5 лет назад

Security update for dom4j

EPSS: Низкий

GHSA-hwj3-m3p6-hj38

больше 5 лет назад

dom4j allows External Entities by default which might enable XXE attacks

CVSS3: 9.8

EPSS: Низкий

BDU:2020-04038

почти 7 лет назад

Уязвимость реализации функции new org.dom4j.io.SAXReader() библиотеки для работы с XML, XPath и XSLT dom4j, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-10683 dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.	CVSS3: 9.8	8% Низкий	почти 6 лет назад
CVE-2020-10683 dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.	CVSS3: 7.4	8% Низкий	почти 6 лет назад
CVE-2020-10683 dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.	CVSS3: 9.8	8% Низкий	почти 6 лет назад
CVE-2020-10683 dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and Ext ...	CVSS3: 9.8	8% Низкий	почти 6 лет назад
openSUSE-SU-2020:0719-1 Security update for dom4j		8% Низкий	больше 5 лет назад
GHSA-hwj3-m3p6-hj38 dom4j allows External Entities by default which might enable XXE attacks	CVSS3: 9.8	8% Низкий	больше 5 лет назад
BDU:2020-04038 Уязвимость реализации функции new org.dom4j.io.SAXReader() библиотеки для работы с XML, XPath и XSLT dom4j, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации	CVSS3: 9.8	8% Низкий	почти 7 лет назад

Уязвимостей на страницу