Moderate severity vulnerability that affects org.restlet.jse:org.restlet

2018-10-1700:04:53

Google

osv.dev

0.002 Low

EPSS

Percentile

62.1%

JSON

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

References

secunia.com/advisories/56940

exchange.xforce.ibmcloud.com/vulnerabilities/91181

github.com/advisories/GHSA-73cq-fhp3-8rpw

github.com/restlet/restlet-framework-java

github.com/restlet/restlet-framework-java/wiki/XEE-security-enhancements

nvd.nist.gov/vuln/detail/CVE-2014-1868

0.002 Low

EPSS

Percentile

62.1%

JSON

Related for OSV:GHSA-73CQ-FHP3-8RPW