9 matches found
EUVD-2022-35072
Malicious code in bioql PyPI...
CVE-2022-2838
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...
CVE-2022-2838
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...
CVE-2022-2838
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...
CVE-2022-2838
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...
Xxe
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...
CVE-2022-2838
CVE-2022-2838 affects Eclipse Sphinx prior to 0.13.1. The vulnerability stems from using the Apache Xerces XML Parser without disabling processing of referenced external entities, enabling an attacker to inject arbitrary definitions and access local files, with data exfiltration possible via HTTP...
CVE-2022-2838
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...
Eclipse Sphinx 代码问题漏洞
Eclipse Sphinx is an extensible platform from the Eclipse Foundation that simplifies the creation of integrated modeling tool environments that support a single or multiple modeling languages which can be UML-based or native DSL, with a particular focus on industrial strength and interoperability...