23 matches found
wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl
A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...
The vulnerability of the XMLSchemaValidator class in the JAXP component of the WildFly software framework (JBoss Application Server) allows a malicious actor to gain access to read, modify, add, or delete data using various network protocols.
The vulnerability of the XMLSchemaValidator class in the JAXP component of the WildFly software framework JBoss Application Server is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to remotely gain access to read, modify, add, or delete data usi...
CVE-2020-15366
An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a...