PT-2023-10345 · Dd-Plist · Dd-Plist
Solind
·
Published
2023-02-20
·
Updated
2024-05-17
·
CVE-2016-15026
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
3breadt dd-plist version 1.17
Description
A vulnerability was found in the software, classified as problematic, affecting some unknown functionality. The manipulation leads to xml external entity reference. An attack has to be approached locally. Upgrading to version 1.18 is able to address this issue.
Recommendations
For version 1.17, upgrade to version 1.18 to address the issue.
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dd-Plist