CVE-2017-1000477

2018-01-0318:29:00

Google

osv.dev

0.001 Low

EPSS

Percentile

40.9%

XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result in denial of service attacks.

CPENameOperatorVersion
xmlbundleeq0.1.4
xmlbundleeq0.1.1
xmlbundleeq0.1.6
xmlbundleeq0.1.3
xmlbundleeq0.1.2
xmlbundleeq0.1.5
xmlbundleeq0.1.7

Name	Operator	Version
xmlbundle	eq	0.1.4
xmlbundle	eq	0.1.1
xmlbundle	eq	0.1.6
xmlbundle	eq	0.1.3
xmlbundle	eq	0.1.2
xmlbundle	eq	0.1.5
xmlbundle	eq	0.1.7

References

github.com/pravednik/xmlBundle

github.com/pravednik/xmlBundle/issues/2

0.001 Low

EPSS

Percentile

40.9%

Related for OSV:CVE-2017-1000477