HornetQ REST vulnerable to Improper Restriction of XML External Entity Reference

2022-05-2422:01:08

Google

osv.dev

0.001 Low

EPSS

Percentile

49.7%

JSON

HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy.

CPENameOperatorVersion
org.hornetq.rest:hornetq-resteq2.3.15.Final
org.hornetq.rest:hornetq-resteq2.3.0.CR1
org.hornetq.rest:hornetq-resteq2.3.0.Alpha
org.hornetq.rest:hornetq-resteq2.4.0.Beta1
org.hornetq.rest:hornetq-resteq1.0-beta-1
org.hornetq.rest:hornetq-resteq2.4.6.Final
org.hornetq.rest:hornetq-resteq2.4.9.Final
org.hornetq.rest:hornetq-resteq2.3.0.BETA2
org.hornetq.rest:hornetq-resteq2.3.11.Final
org.hornetq.rest:hornetq-resteq2.3.6.Final

Name	Operator	Version
org.hornetq.rest:hornetq-rest	eq	2.3.15.Final
org.hornetq.rest:hornetq-rest	eq	2.3.0.CR1
org.hornetq.rest:hornetq-rest	eq	2.3.0.Alpha
org.hornetq.rest:hornetq-rest	eq	2.4.0.Beta1
org.hornetq.rest:hornetq-rest	eq	1.0-beta-1
org.hornetq.rest:hornetq-rest	eq	2.4.6.Final
org.hornetq.rest:hornetq-rest	eq	2.4.9.Final
org.hornetq.rest:hornetq-rest	eq	2.3.0.BETA2
org.hornetq.rest:hornetq-rest	eq	2.3.11.Final
org.hornetq.rest:hornetq-rest	eq	2.3.6.Final