Xxe

2018-12-2015:29:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.9%

JSON

KeePassDX version <= 2.5.0.0beta17 contains a XML External Entity (XXE) vulnerability in kdbx file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

CPENameOperatorVersion
keepass_dxeq2.5.0.0 beta1
keepass_dxeq2.5.0.0 beta2
keepass_dxeq2.5.0.0 beta3
keepass_dxeq2.5.0.0 beta4
keepass_dxeq2.5.0.0 beta5
keepass_dxeq2.5.0.0 beta6
keepass_dxeq2.5.0.0 beta7
keepass_dxeq2.5.0.0 beta8
keepass_dxeq2.5.0.0 beta9
keepass_dxeq2.5.0.0 beta10

Name	Operator	Version
keepass_dx	eq	2.5.0.0 beta1
keepass_dx	eq	2.5.0.0 beta2
keepass_dx	eq	2.5.0.0 beta3
keepass_dx	eq	2.5.0.0 beta4
keepass_dx	eq	2.5.0.0 beta5
keepass_dx	eq	2.5.0.0 beta6
keepass_dx	eq	2.5.0.0 beta7
keepass_dx	eq	2.5.0.0 beta8
keepass_dx	eq	2.5.0.0 beta9
keepass_dx	eq	2.5.0.0 beta10