Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Improper Restriction of XML External Entity Reference in Apache POI

🗓️ 17 May 2022 01:24:40Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 56 Views

Improper restriction of XML external entity reference in Apache POI, allowing remote file read via OpenXML

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Release of QRadar 7.2.8 Patch 4 (7.2.8.20170224202650) Updated w/Security Bulletins
10 May 201914:29
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities found in poi-ooxml-3.9.jar which is shipped with IBM® Intelligent Operations Center(CVE-2017-5644, CVE-2019-12415, CVE-2014-3574, CVE-2014-3529)
5 Sep 202312:52
ibm
IBM Security Bulletins		Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable poi-ooxml-3.9.jar
8 May 202308:37
ibm
IBM Security Bulletins		Security Bulletins for Emptoris Program Management
8 Dec 201816:15
ibm
IBM Security Bulletins		Security Bulletin: OpenSource Apache Poi Vulnerabilities in IBM eDiscovery Manager
17 Jun 201812:17
ibm
IBM Security Bulletins		Security Bulletins for Emptoris Contract Management
8 Dec 201816:15
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in Apache POI affect Asset and Service Management
22 Sep 202203:02
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Cognos affect IBM Control Center (CVE-2012-0213, CVE-2014-3574, CVE-2014-3529, CVE-2014-9527)
17 Dec 201922:47
ibm
IBM Security Bulletins		Security Bulletins for Emptoris Services Procurement
8 Dec 201816:15
ibm
IBM Security Bulletins		Security Bulletin: IBM Forms Experience Builder could be susceptible to Apache POI Vulnerabilities
16 Jun 201820:07
ibm
Rows per page
Vulners
Node
org.apache.poipoiRange<3.10.1maven

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Apr 2024 16:27Current
7.3High risk
Vulners AI Score7.3
CVSS 24.3
EPSS0.05228
CWE-611
apache poixml external entityremote file readopenxml
56