2 matches found
CVE-2018-1000844
Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity XXE vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerability appears to have...
CVE-2018-1000844
CVE-2018-1000844 concerns Square Open Source Retrofit. The vulnerability stems from an XML External Entity (XXE) flaw in JAXB in Retrofit versions prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437, which could allow an attacker to read files from the filesystem or perform SSRF. The issue i...