Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 1:40 a.m.15 views

XML External Entity Reference in weixin-java-tools

An issue was discovered in weixin-java-tools. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...

9.8CVSS7.2AI score0.01683EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/05/14 1:40 a.m.10 views

GHSA-H755-H99P-9FFV XML External Entity Reference in weixin-java-tools

An issue was discovered in weixin-java-tools. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...

9.8CVSS9.5AI score0.01683EPSS
Exploits1References4
NVD
NVD
added 2019/01/04 4:29 p.m.22 views

CVE-2019-5312

An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...

9.8CVSS9.6AI score0.01683EPSS
Exploits1References1
OSV
OSV
added 2019/01/04 4:29 p.m.17 views

CVE-2019-5312

An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...

9.8CVSS9.6AI score
Exploits0References1
CVE
CVE
added 2018/12/21 12:0 a.m.43 views

CVE-2018-20318

CVE-2018-20318: Weixin-java-tools v3.2.0 has an XXE vulnerability in the BaseWxPayResult.getXmlDoc method. Root cause: XML External Entity processing likely not mitigated. Exploit details and specific impact are not provided in the connected documents. No remediation is specified in the supplied ...

9.8CVSS9.3AI score0.01662EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder