5 matches found
SUSE CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency's Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...
apache-ivy: XML External Entity vulnerability
Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...
apache-ivy: XML External Entity vulnerability
Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...
GHSA-2JC4-R94C-RP7H Apache Ivy External Entity Reference vulnerability
Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...
PT-2023-8841 · Apache +1 · Apache Ivy +1
Name of the Vulnerable Software and Affected Versions: Apache Ivy versions prior to 2.5.2 Description: The issue is related to improper restriction of XML external entity references, which can lead to XML injection, also known as blind XPath injection. When Apache Ivy parses XML files, it allows...