Lucene search
GoogleOSV:GHSA-5P52-J8PW-J7X5HistoryDec 19, 2018 - 7:24 p.m.
Improper Restriction of XML External Entity Reference in bedework:bw-webdav
2018-12-1919:24:52
Google
osv.dev
9
0.001 Low
EPSS
Percentile
47.0%
Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.bedework:bw-webdav | eq | 4.0.2 | |
| org.bedework:bw-webdav | eq | 4.0.1 |
Related
prion
prion
Design/Logic Flaw
2018-12-10 02:29:00
veracode
veracode
XML External Entity (XXE)
2018-12-10 09:39:31
cve
cve
CVE-2018-20000
2022-10-03 16:22:05
cvelist
cvelist
CVE-2018-20000
2022-10-03 16:22:05
github
github
Improper Restriction of XML External Entity Reference in bedework:bw-webdav
2018-12-19 19:24:52
osv
osv
CVE-2018-20000
2018-12-10 02:29:00
nvd
nvd
CVE-2018-20000
2018-12-10 02:29:00