Lucene search
ApacheCVELIST:CVE-2017-5644HistoryMar 24, 2017 - 2:00 p.m.
CVE-2017-5644
2017-03-2414:00:00
apache
www.cve.org
Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
CNA Affected
[
{
"product": "Apache POI",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "before 3.15"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2017-5644
2017-03-24 00:00:00
github
github
Improper Restriction of Recursive Entity References in DTDs in Apache POI
2022-05-13 01:14:24
ibm
ibm
cve
cve
CVE-2017-5644
2017-03-24 14:59:00
osv
osv
Improper Restriction of Recursive Entity References in DTDs in Apache POI
2022-05-13 01:14:24
CVE-2017-5644
2017-03-24 14:59:00
veracode
veracode
Denial Of Service (DoS) Via XML External Expansion (XEE)
2017-03-22 01:45:07
prion
prion
Design/Logic Flaw
2017-03-24 14:59:00
nvd
nvd
CVE-2017-5644
2017-03-24 14:59:00
debiancve
debiancve
CVE-2017-5644
2017-03-24 14:59:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00