Lucene search
HistoryOct 06, 2014 - 11:55 p.m.
CVE-2014-1868
cve-2014-1868
restlet framework
xml
serialization
xee attack
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
62.3%
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.
Affected configurations
Node
restletrestlet_frameworkRange≤2.2milestone6
ORrestletrestlet_frameworkMatch2.1.0
ORrestletrestlet_frameworkMatch2.1.1
ORrestletrestlet_frameworkMatch2.1.2
ORrestletrestlet_frameworkMatch2.1.3
ORrestletrestlet_frameworkMatch2.1.4
ORrestletrestlet_frameworkMatch2.1.5
ORrestletrestlet_frameworkMatch2.1.6
ORrestletrestlet_frameworkMatch2.2milestone1
ORrestletrestlet_frameworkMatch2.2milestone2
ORrestletrestlet_frameworkMatch2.2milestone3
ORrestletrestlet_frameworkMatch2.2milestone4
ORrestletrestlet_frameworkMatch2.2milestone5
Related
osv
osv
Moderate severity vulnerability that affects org.restlet.jse:org.restlet
2018-10-17 00:04:53
nvd
nvd
CVE-2014-1868
2014-10-06 23:55:07
ubuntucve
ubuntucve
CVE-2014-1868
2014-10-06 00:00:00
github
github
Moderate severity vulnerability that affects org.restlet.jse:org.restlet
2018-10-17 00:04:53
prion
prion
Design/Logic Flaw
2014-10-06 23:55:00
cvelist
cvelist
CVE-2014-1868
2014-10-06 23:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
62.3%
Related for CVE-2014-1868