4 matches found
EUVD-2022-3111
Malicious code in bioql PyPI...
GHSA-85HW-W436-C725 XML External Entity Reference in Apache Cayenne
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a...
Apache Cayenne CayenneModeler XML External Entity Injection Vulnerability
Apache Cayenne is the United States Apache Apache Software Foundation of an open source persistence framework that provides object-relational mapping ORM and remote services . CayenneModeler is one of the graphical user interface . A security vulnerability exists in CayenneModeler in Apache Cayen...
XML External Entity (XXE)
Apache cayenne-server is vulnerable to XML external entity XXE. The XML external entity declaration is not disabled in the XML parser of the CayenneModeler and allows an attacker to access local or remote content via a declared system identifier...