Lucene search
EclipseCVELIST:CVE-2018-12544HistoryOct 10, 2018 - 8:00 p.m.
CVE-2018-12544
2018-10-1020:00:00
CWE-611
eclipse
www.cve.org
In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema.
CNA Affected
[
{
"product": "Eclipse Vert.x",
"vendor": "The Eclipse Foundation",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.5.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
redhatcve
redhatcve
CVE-2018-12544
2018-10-11 13:19:59
github
github
Moderate severity vulnerability that affects io.vertx:vertx-core
2018-10-17 16:20:32
cve
cve
CVE-2018-12544
2018-10-10 20:29:00
osv
osv
CVE-2018-12544
2018-10-10 20:29:00
Moderate severity vulnerability that affects io.vertx:vertx-core
2018-10-17 16:20:32
nvd
nvd
CVE-2018-12544
2018-10-10 20:29:00
prion
prion
Design/Logic Flaw
2018-10-10 20:29:00
veracode
veracode
XML External Entity (XXE)
2018-10-19 02:21:57
redhat
redhat