Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:34498
HistoryMar 04, 2022 - 2:49 a.m.

XML External Entity (XXE)

2022-03-0402:49:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13

0.002 Low

EPSS

Percentile

57.2%

JSON

hazelcast is vulnerable to XML external entity attacks. The AbstractXmlConfigRootTagRecognizer function of AbstractXmlConfigRootTagRecognizer.java does not disable access to external entities by default, allowing an attacker to submit a malicious XML document to perform requests on behalf of the server.

Related

cve 1
cvelist 1
osv 2
nvd 1
githubexploit 1
huntr 1
redhatcve 1
prion 1
github 1
ibm 1
cve
cve
CVE-2022-0265
2022-03-03 22:15:08
cvelist
cvelist
CVE-2022-0265 Improper Restriction of XML External Entity Reference in hazelcast/hazelcast
2022-03-03 21:40:10
osv
osv
CVE-2022-0265
2022-03-03 22:15:08
XML External Entity Reference in Hazelcast
2022-03-04 00:00:15
nvd
nvd
CVE-2022-0265
2022-03-03 22:15:08
githubexploit
githubexploit
Exploit for Improper Restriction of XML External Entity Reference in Hazelcast
2022-04-21 08:24:26
huntr
huntr
in hazelcast/hazelcast
2022-01-16 05:27:14
redhatcve
redhatcve
CVE-2022-0265
2022-03-14 16:44:16
prion
prion
Xxe
2022-03-03 22:15:00
github
github
XML External Entity Reference in Hazelcast
2022-03-04 00:00:15
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in Java and Node.js packages affect IBM Voice Gateway
2023-01-11 18:41:50

0.002 Low

EPSS

Percentile

57.2%

JSON
Related for VERACODE:34498
cve1cvelist1osv2nvd1githubexploit1huntr1redhatcve1prion1github1ibm1