Lucene search
K

7 matches found

NVD
NVD
added 2025/06/19 10:15 p.m.6 views

CVE-2025-47293

PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity XXE attack and to a server-side request forgery SSRF attack. This allows an attacker to elevate their...

6.9CVSS0.00371EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/19 9:35 p.m.5 views

CVE-2025-47293 PowSyBl Core XML Reader allows XXE and SSRF

PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity XXE attack and to a server-side request forgery SSRF attack. This allows an attacker to elevate their...

6.9CVSS7AI score0.00371EPSS
Exploits0References3
OSV
OSV
added 2025/06/19 9:35 p.m.7 views

CVE-2025-47293 PowSyBl Core XML Reader allows XXE and SSRF

PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity XXE attack and to a server-side request forgery SSRF attack. This allows an attacker to elevate their...

6.9CVSS6.6AI score0.00371EPSS
Exploits0References5
CVE
CVE
added 2025/06/19 9:35 p.m.23 views

CVE-2025-47293

CVE-2025-47293 concerns PowSyBl (Power System Blocks) where powsybl-core XML parsing via com.powsybl.commons.xml.XmlReader is vulnerable to XXE and SSRF. The root cause is treating XmlReader as trusted when untrusted XML (CGMES/XIIDM) is submitted, allowing privilege escalation to read sensitive ...

6.9CVSS6.4AI score0.00371EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/06/19 2:29 p.m.8 views

com.powsybl:powsybl-distribution-core (>=6.0.0 <=6.7.1) potentially affected by CVE-2025-47293 via com.powsybl:powsybl-cim-anonymiser (>=6.0.0-RC1 <=6.7.1)

com.powsybl:powsybl-cim-anonymiser MAVEN version =6.0.0-RC1, =6.0.0, =6.7.1 Source cves: CVE-2025-47293 Source advisory: SNYK:JAVA-COMPOWSYBL-10442134...

6.9CVSS5.8AI score0.00371EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/19 2:29 p.m.7 views

com.farao-community.farao:csa-runner-api (>=1.2.1 <=2.6.1), com.farao-community.farao:csa-runner-app (>=0.0.1 <=2.6.1) +345 more potentially affected by CVE-2025-47293 via com.powsybl:powsybl-commons (>=1.0.0 <=6.7.1)

com.powsybl:powsybl-commons MAVEN version =1.0.0, =1.2.1, =0.0.1, =4.1.4, =1.0.0, =3.9.3, =1.0.0, =3.7.1, =2.0.0, =3.0.0, =2.4.1, =3.9.0, =4.5.0, =3.3.3, =3.6.0, =5.0.0 and more Source cves: CVE-2025-47293 Source advisory: OSV:GHSA-QPJ9-QCWX-8JV2...

6.9CVSS5.8AI score0.00371EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/19 2:29 p.m.8 views

com.farao-community.farao:csa-runner-api (>=1.2.1 <=2.6.1), com.farao-community.farao:csa-runner-app (>=1.2.1 <=2.6.1) +268 more potentially affected by CVE-2025-47293 via com.powsybl:powsybl-commons (>=6.0.0-RC1 <=6.7.1)

com.powsybl:powsybl-commons MAVEN version =6.0.0-RC1, =1.2.1, =1.2.1, =4.6.1, =4.6.1, =4.6.0, =4.6.1, =4.6.0, =4.6.1, =4.6.1, =4.6.1, =4.6.1, =4.6.0, =4.6.1, =4.6.1, =4.6.1, =5.0.0 and more Source cves: CVE-2025-47293 Source advisory: SNYK:JAVA-COMPOWSYBL-10442135...

6.9CVSS5.8AI score0.00371EPSS
Exploits0
Rows per page
Query Builder