PT-2019-19782 · Checkstyle · Checkstyle

Publicado

2019-03-11

·

Atualizado

2020-10-01

·

CVE-2019-9658

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Checkstyle versions prior to 8.18
Description The issue allows Checkstyle to load external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information.
Recommendations For versions prior to 8.18, update to version 8.18 or later to resolve the issue.

Correção

XXE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-611

Identificadores relacionados

CVE-2019-9658
DLA-1768-1
DLA-2099-1
GHSA-GP32-7H29-RPXM

Produtos afetados

Checkstyle