PT-2023-10345 · Dd-Plist · Dd-Plist

Solind

·

Publicado

2023-02-20

·

Atualizado

2024-05-17

·

CVE-2016-15026

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions 3breadt dd-plist version 1.17
Description A vulnerability was found in the software, classified as problematic, affecting some unknown functionality. The manipulation leads to xml external entity reference. An attack has to be approached locally. Upgrading to version 1.18 is able to address this issue.
Recommendations For version 1.17, upgrade to version 1.18 to address the issue.

Correção

XXE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-611

Identificadores relacionados

CVE-2016-15026
GHSA-4JX2-HVQW-93J9

Produtos afetados

Dd-Plist