CWE-611
AllowedImproper Restriction of XML External Entity Reference
Abstraction: Base · Status: Draft
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1691 vulnerabilities reference this CWE, most recent first.
GHSA-WMHW-HPWH-44PG
Vulnerability from github – Published: 2022-05-14 01:14 – Updated: 2024-04-12 22:03XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.activemq:apollo-project"
},
"ranges": [
{
"events": [
{
"introduced": "1.0.0"
},
{
"fixed": "1.7.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-3579"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2023-09-25T14:51:14Z",
"nvd_published_at": "2017-10-27T19:29:00Z",
"severity": "CRITICAL"
},
"details": "XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.",
"id": "GHSA-wmhw-hpwh-44pg",
"modified": "2024-04-12T22:03:42Z",
"published": "2022-05-14T01:14:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3579"
},
{
"type": "WEB",
"url": "https://github.com/apache/activemq-apollo/commit/e5647554e6801a522c508a8eb457979a9af8c398"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100721"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/activemq-apollo"
},
{
"type": "WEB",
"url": "https://issues.apache.org/jira/browse/APLO-366"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20150213000202/http://seclists.org/oss-sec/2015/q1/428"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20200228080433/http://www.securityfocus.com/bid/72508"
},
{
"type": "WEB",
"url": "http://activemq.apache.org/security-advisories.data/CVE-2014-3579-announcement.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Apache ActiveMQ Apollo XXE Vulnerability"
}
GHSA-WP2F-HRG2-3R5M
Vulnerability from github – Published: 2022-05-14 00:58 – Updated: 2022-07-01 19:32In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion (XXE) capability of various XML parsers. UIMA as part of its configuration and operation may read XML from various sources, which could be tainted in ways to cause inadvertent disclosure of local files or other internal content.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.uima:uimafit-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.uima:uimaj-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.10.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.0-alpha02"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.uima:uimaj-core"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0-alpha"
},
{
"fixed": "3.0.0-beta"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.uima:uimaj-as-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.10.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-15691"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-01T19:32:51Z",
"nvd_published_at": "2018-04-26T17:29:00Z",
"severity": "MODERATE"
},
"details": "In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion (XXE) capability of various XML parsers. UIMA as part of its configuration and operation may read XML from various sources, which could be tainted in ways to cause inadvertent disclosure of local files or other internal content.",
"id": "GHSA-wp2f-hrg2-3r5m",
"modified": "2022-07-01T19:32:51Z",
"published": "2022-05-14T00:58:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15691"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1545"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/00407c65738e625a8cc9d732923a4ab2d8299603cc7c7e5cc2da9c79@%3Ccommits.uima.apache.org%3E"
},
{
"type": "WEB",
"url": "https://uima.apache.org/security_report#CVE-2017-15691"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Improper Restriction of XML External Entity Reference in Apache uimaj"
}
GHSA-WP35-6JQV-R33M
Vulnerability from github – Published: 2022-05-14 01:53 – Updated: 2023-07-28 18:41XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.xmlrpc:xmlrpc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.1.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-5002"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-28T18:41:18Z",
"nvd_published_at": "2017-10-27T18:29:00Z",
"severity": "HIGH"
},
"details": "XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD.",
"id": "GHSA-wp35-6jqv-r33m",
"modified": "2023-07-28T18:41:18Z",
"published": "2022-05-14T01:53:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5002"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3768"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/115042"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-26"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20210123151805/http://www.securityfocus.com/bid/91736"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20211021044107/http://www.securitytracker.com/id/1036294"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20230520164025/https://0ang3el.blogspot.com/2016/07/beware-of-ws-xmlrpc-library-in-your.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/07/12/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/91736"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1036294"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Apache XML-RPC XXE Vulnerability"
}
GHSA-WPC5-5W3X-GFQH
Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the ability of an attacker to perform an out-of-band XXE injection on the system, which could allow an attacker to capture customer files and redirect them to another destination address. An exploit could allow the attacker to discover sensitive customer data. Cisco Bug IDs: CSCvg36996.
{
"affected": [],
"aliases": [
"CVE-2018-0108"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-18T06:29:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the ability of an attacker to perform an out-of-band XXE injection on the system, which could allow an attacker to capture customer files and redirect them to another destination address. An exploit could allow the attacker to discover sensitive customer data. Cisco Bug IDs: CSCvg36996.",
"id": "GHSA-wpc5-5w3x-gfqh",
"modified": "2022-05-13T01:35:48Z",
"published": "2022-05-13T01:35:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0108"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102720"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040238"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WQ6X-G685-W5F2
Vulnerability from github – Published: 2021-04-07 21:13 – Updated: 2024-10-17 20:59Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Plone"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.2.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "plone.app.event"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "plone.app.theming"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "plone.app.dexterity"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "plone.supermodel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-28734"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2021-04-07T19:34:40Z",
"nvd_published_at": "2020-12-30T19:15:00Z",
"severity": "HIGH"
},
"details": "Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role.",
"id": "GHSA-wq6x-g685-w5f2",
"modified": "2024-10-17T20:59:18Z",
"published": "2021-04-07T21:13:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28734"
},
{
"type": "WEB",
"url": "https://github.com/plone/Products.CMFPlone/issues/3209"
},
{
"type": "WEB",
"url": "https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-wq6x-g685-w5f2"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml"
},
{
"type": "WEB",
"url": "https://www.misakikata.com/codes/plone/python-en.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Improper Restriction of XML External Entity Reference in Plone"
}
GHSA-WQMP-2P5R-RHFV
Vulnerability from github – Published: 2022-05-18 00:00 – Updated: 2022-12-02 20:07Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows attackers with Item/Configure permission to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jvnet.hudson.plugins:storable-configs-plugin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-30971"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-01T21:16:28Z",
"nvd_published_at": "2022-05-17T15:15:00Z",
"severity": "HIGH"
},
"details": "Jenkins Storable Configs Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.\n\nThis allows attackers with Item/Configure permission to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.",
"id": "GHSA-wqmp-2p5r-rhfv",
"modified": "2022-12-02T20:07:45Z",
"published": "2022-05-18T00:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30971"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/storable-configs-plugin"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-1969"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "XML External Entity Reference in Jenkins Storable Configs Plugin"
}
GHSA-WR2Q-44MP-HGQR
Vulnerability from github – Published: 2024-04-17 00:30 – Updated: 2024-04-17 00:30Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Web Applications Desktop Integrator accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
{
"affected": [],
"aliases": [
"CVE-2024-21048"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-16T22:15:21Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Web Applications Desktop Integrator accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",
"id": "GHSA-wr2q-44mp-hgqr",
"modified": "2024-04-17T00:30:55Z",
"published": "2024-04-17T00:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21048"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WR5R-M8PC-85J9
Vulnerability from github – Published: 2019-01-25 16:18 – Updated: 2024-03-04 23:42Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework.integration:spring-integration-xml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.3.19"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework.integration:spring-integration-xml"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework.integration:spring-integration-xml"
},
"ranges": [
{
"events": [
{
"introduced": "5.1.0"
},
{
"fixed": "5.1.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework.integration:spring-integration-ws"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.3.19"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework.integration:spring-integration-ws"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework.integration:spring-integration-ws"
},
"ranges": [
{
"events": [
{
"introduced": "5.1.0"
},
{
"fixed": "5.1.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-3772"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T22:01:07Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.",
"id": "GHSA-wr5r-m8pc-85j9",
"modified": "2024-03-04T23:42:26Z",
"published": "2019-01-25T16:18:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3772"
},
{
"type": "WEB",
"url": "https://github.com/spring-projects/spring-integration/commit/59c69ed40d3755ef59f80872e0ea711adbb13620"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-wr5r-m8pc-85j9"
},
{
"type": "WEB",
"url": "https://pivotal.io/security/cve-2019-3772"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106749"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Improper Restriction of XML External Entity Reference in org.springframework.integration:spring-integration-ws and org.springframework.integration:spring-integration-xml"
}
GHSA-WR69-G62G-2R9H
Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-07-06 20:23XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 10.11.1.1"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.derby:derby"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.12.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2015-1832"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-06T20:23:16Z",
"nvd_published_at": "2016-10-03T21:59:00Z",
"severity": "CRITICAL"
},
"details": "XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype.",
"id": "GHSA-wr69-g62g-2r9h",
"modified": "2022-07-06T20:23:16Z",
"published": "2022-05-13T01:14:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1832"
},
{
"type": "WEB",
"url": "https://issues.apache.org/jira/browse/DERBY-6807"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://svn.apache.org/viewvc?view=revision\u0026revision=1691461"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Restriction of XML External Entity Reference in Apace Derby"
}
GHSA-WRCC-XJP4-3F52
Vulnerability from github – Published: 2022-05-24 17:11 – Updated: 2024-04-04 02:49Oxygen XML Editor 21.1.1 allows XXE to read any file.
{
"affected": [],
"aliases": [
"CVE-2019-20191"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-16T22:15:00Z",
"severity": "HIGH"
},
"details": "Oxygen XML Editor 21.1.1 allows XXE to read any file.",
"id": "GHSA-wrcc-xjp4-3f52",
"modified": "2024-04-04T02:49:28Z",
"published": "2022-05-24T17:11:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20191"
},
{
"type": "WEB",
"url": "https://medium.com/%40Pablo0xSantiago/cve-2019-20191-oxygen-xml-editor-21-1-1-allows-xxe-216b816f312b"
},
{
"type": "WEB",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20191-oxygen-xml-editor-21-1-1-allows-xxe-216b816f312b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Many XML parsers and validators can be configured to disable external entity expansion.
CAPEC-221: Data Serialization External Entities Blowup
This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.