Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/02/15 1:37 a.m.42 views

Improper Input Validation in Xerces

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...

5.3CVSS3.1AI score0.01292EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/02/15 1:37 a.m.37 views

GHSA-W4JQ-QH47-HVJQ Improper Input Validation in Xerces

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...

5.3CVSS6.6AI score0.01292EPSS
Exploits0References3
OSV
OSV
added 2020/09/17 3:15 p.m.1 views

CVE-2020-14338

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...

5.3CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2020/09/17 3:15 p.m.26 views

Design/Logic Flaw

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...

5CVSS6.1AI score0.04315EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder