Linux Distros Unpatched Vulnerability : CVE-2021-23926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include...

xmlbeans: allowed malicious XML input may lead to XML Entity Expansion attack

A flaw was found when parsing XML files using XMLBeans 2.6.0 or below. The underlying parser created by XMLBeans could be susceptible to XML External Entity XXE attacks. The highest threat from this vulnerability is to confidentiality and system availability...

ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ar.com.fdvs:DynamicJasper (=4.0.4) +5784 more potentially affected by CVE-2021-23926 via org.apache.xmlbeans:xmlbeans (>=2.2.0 <=2.6.0)

org.apache.xmlbeans:xmlbeans MAVEN version =2.2.0, =1.3, =1.10.2, =1.13.0, =1.0.1, =0.0.1, =1.1.8, =2.23.5, =2.23.5, =25.11.0 and more Source cves: CVE-2021-23926 Source advisory: OSV:GHSA-MW3R-PFMG-XP92...

CVE-2021-23926

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...

CVE-2021-23926

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...

Apache Xmlbeans 输入验证错误漏洞

Apache Xmlbeans is the Apache Foundation , a software used to support Java and XMl format data to interact . Apache Xmlbeans up to version 2.6.0 suffers from an Input Validation Error vulnerability that stems from a failure to set an attribute required to protect a user from malicious XML input. ...