Lucene search
K

7 matches found

OSV
OSV
added 2026/01/05 3:32 p.m.3 views

GHSA-JQMR-2PG9-VFX7 Apache SIS has Improper Restriction of XML External Entity Reference vulnerability

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

6.5CVSS5.8AI score0.00582EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/01/05 3:32 p.m.11 views

Apache SIS has Improper Restriction of XML External Entity Reference vulnerability

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

6.5CVSS6.6AI score0.00582EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/01/05 2:15 p.m.9 views

CVE-2025-68280

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

6.5CVSS0.00582EPSS
Exploits0References3
OSV
OSV
added 2026/01/05 2:15 p.m.5 views

CVE-2025-68280

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

6.5CVSS5.6AI score
Exploits0References3
Cvelist
Cvelist
added 2026/01/05 1:45 p.m.23 views

CVE-2025-68280 Apache SIS: XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

0.00582EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/05 1:45 p.m.3 views

CVE-2025-68280 Apache SIS: XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

6.2AI score0.00582EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.9 views

PT-2026-1285

Name of the Vulnerable Software and Affected Versions Apache SIS versions 0.4 through 1.5 Description An improper restriction of XML external entity reference issue exists in Apache SIS. An attacker can craft XML files that, when parsed by Apache SIS, reveal the content of local files on the...

6.5CVSS5.9AI score0.00582EPSS
Exploits0References11
Rows per page
Query Builder