
5 matches found

OSV
added 2023/08/31 9:47 p.m. | 25 views

GHSA-WC9J-GC65-3CM7 DDFFileParser is vulnerable to XXE Attacks

Impact: DDFFileParser and DefaultDDFFileValidator and so ObjectLoader are vulnerable to XXE Attacks. DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if they parse untrusted DDF files e.g. if they let external users provide their own model...

CVSS 6.5 | AI score 7.6 | EPSS 0.00137
Exploits 0 | References 7

Github Security Blog
added 2023/08/31 9:47 p.m. | 17 views

DDFFileParser is vulnerable to XXE Attacks

Impact: DDFFileParser and DefaultDDFFileValidator and so ObjectLoader are vulnerable to XXE Attacks. DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if they parse untrusted DDF files e.g. if they let external users provide their own model...

CVSS 9.8 | AI score 6.6 | EPSS 0.00137
Exploits 0 | References 7 | Affected Software 1

Cvelist
added 2023/08/31 5:1 p.m. | 12 views

CVE-2023-41034 DDFFileParser in eclipse leshan is vulnerable to XXE Attacks

Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser and DefaultDDFFileValidator and so ObjectLoader are vulnerable to XXE Attacks. A DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if the...

CVSS 6.5 | AI score 9.6 | EPSS 0.00137
Exploits 0 | References 5

CVE
added 2023/08/31 5:1 p.m. | 57 views

CVE-2023-41034

The CVE-2023-41034 issue affects Eclipse Leshan: DDFFileParser, DefaultDDFFileValidator (and ObjectLoader) are vulnerable to XXE Attacks when parsing untrusted DDF files. The root cause is exposure to XML External Entities. Remediation is to upgrade to fixed versions 1.5.0 or 2.0.0-M13; upgrades ...

CVSS 9.8 | AI score 7.9 | EPSS 0.00137
Exploits 0 | References 5 | Affected Software 1

Vulnrichment
added 2023/08/31 5:1 p.m. | 9 views

CVE-2023-41034 DDFFileParser in eclipse leshan is vulnerable to XXE Attacks

Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser and DefaultDDFFileValidator and so ObjectLoader are vulnerable to XXE Attacks. A DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if the...

CVSS 6.5 | AI score 6.6 | EPSS 0.00137
Exploits 0 | References 5