5 matches found
XML External Entity Reference in weixin-java-tools
An issue was discovered in weixin-java-tools. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...
GHSA-H755-H99P-9FFV XML External Entity Reference in weixin-java-tools
An issue was discovered in weixin-java-tools. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...
CVE-2019-5312
An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...
CVE-2019-5312
An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318...
CVE-2018-20318
CVE-2018-20318: Weixin-java-tools v3.2.0 has an XXE vulnerability in the BaseWxPayResult.getXmlDoc method. Root cause: XML External Entity processing likely not mitigated. Exploit details and specific impact are not provided in the connected documents. No remediation is specified in the supplied ...