PT-2016-5677 · Fasterxml · Jackson-Dataformat-Xml
Publicado
2016-05-13
·
Atualizado
2021-09-27
·
CVE-2016-3720
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
jackson-dataformat-xml (affected versions not specified)
Description
The issue is related to an XML external entity (XXE) vulnerability in XmlMapper. This vulnerability allows attackers to have an unspecified impact via unknown vectors.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XXE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jackson-Dataformat-Xml