Design/Logic Flaw

2014-10-0623:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

CPENameOperatorVersion
restlet_frameworkeq2.1.1
restlet_frameworkeq2.1.2
restlet_frameworkeq2.1.0
restlet_frameworkeq2.2 milestone3
restlet_frameworkeq2.1.6
restlet_frameworkeq2.2 milestone5
restlet_frameworkeq2.1.4
restlet_frameworkeq2.1.3
restlet_frameworkeq2.2 milestone4
restlet_frameworkeq2.1.5

Name	Operator	Version
restlet_framework	eq	2.1.1
restlet_framework	eq	2.1.2
restlet_framework	eq	2.1.0
restlet_framework	eq	2.2 milestone3
restlet_framework	eq	2.1.6
restlet_framework	eq	2.2 milestone5
restlet_framework	eq	2.1.4
restlet_framework	eq	2.1.3
restlet_framework	eq	2.2 milestone4
restlet_framework	eq	2.1.5