Moderate severity vulnerability that affects com.adobe.xmp:xmpcore

XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

[SECURITY] Fedora 28 Update: exempi-2.4.5-1.fc28

Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles...

XML External Entity (XXE)

Adobe xmpcore is vulnerable to XML external entity XXE attacks. The attacks are possible because it does not properly handle the XML data containing an external entity declaration in conjunction with an entity reference, allowing users to read arbitrary files...

CVE-2016-4216

XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

Xxe

XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

CVE-2016-4216

Summary: CVE-2016-4216 affects XMPCore in Adobe XMP Toolkit for Java prior to 5.1.3, enabling remote attackers to read arbitrary files through XML data containing an external entity declaration combined with an entity reference (XXE). This is the defined impact as reported across multiple sources...