Количество 3
Количество 3
CVE-2023-40310
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP PowerDesigner Client.
GHSA-4wqh-m4m9-qjm8
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP PowerDesigner Client.
BDU:2023-06618
Уязвимость функции импорта BPMN-файлов модуля Business Process Modeling (BPM) инструмента моделирования архитектуры предприятия SAP PowerDesigner, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-40310 SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP PowerDesigner Client. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| GHSA-4wqh-m4m9-qjm8 SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP PowerDesigner Client. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | BDU:2023-06618 Уязвимость функции импорта BPMN-файлов модуля Business Process Modeling (BPM) инструмента моделирования архитектуры предприятия SAP PowerDesigner, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу