CVE-2021-3836

🗓️ 14 Dec 2021 15:20:13Reported by @huntrdevType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 335 Views

dBeaver vulnerable to XML External Entity Referenc

Reporter	Title	Published	Views	Family All 12
Huntr	in dbeaver/dbeaver	29 Sep 202120:40	–	huntr
Circl	CVE-2021-3836	14 Dec 202118:15	–	circl
CNNVD	DBeaver 代码问题漏洞	14 Dec 202100:00	–	cnnvd
CNVD	DBeaver XML External Entity Injection Vulnerability	19 Dec 202100:00	–	cnvd
Cvelist	CVE-2021-3836 Improper Restriction of XML External Entity Reference in dbeaver/dbeaver	14 Dec 202115:20	–	cvelist
Tenable Nessus	DBeaver < 21.2.3 XXE Vulnerability	30 Jan 202600:00	–	nessus
EUVD	EUVD-2021-27083	7 Oct 202500:30	–	euvd
NCSC	Vulnerability fixed in DBeaver	16 Dec 202100:00	–	ncsc
NVD	CVE-2021-3836	14 Dec 202116:15	–	nvd
Prion	Xxe	14 Dec 202116:15	–	prion

NVD

Node

dbeaver dbeaverRange<21.2.3

[
  {
    "product": "dbeaver/dbeaver",
    "vendor": "dbeaver",
    "versions": [
      {
        "lessThan": "21.2.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/dbeaver/dbeaver/commit/4debf8f25184b7283681ed3fb5e9e887d9d4fe22
huntr	www.huntr.dev/bounties/a98264fb-1930-4c7c-b774-af24c0175fd4

17 Jun 2026 04:05Current

5.9Medium risk

Vulners AI Score5.9

CVSS 24.3

CVSS 3.15.5

CVSS 39.8

EPSS0.00898

CWE-611