Lucene search

XML External Entity (XXE)

🗓️ 28 Sep 2017 03:39:17Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 16 Views

Apache commons-jelly vulnerability to XML External Entity (XXE

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
UbuntuCve	CVE-2017-12621	28 Sep 201700:00	–	ubuntucve
RedhatCVE	CVE-2017-12621	10 Jun 202118:23	–	redhatcve
OSV	GHSA-6G33-82GC-3PW5 Improper Restriction of XML External Entity Reference in Jelly	17 May 202200:34	–	osv
CVE	CVE-2017-12621	28 Sep 201701:29	–	cve
Prion	Xxe	28 Sep 201701:29	–	prion
Cvelist	CVE-2017-12621	27 Sep 201716:00	–	cvelist
NVD	CVE-2017-12621	28 Sep 201701:29	–	nvd
Github Security Blog	Improper Restriction of XML External Entity Reference in Jelly	17 May 202200:34	–	github
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2023	1 Sep 202319:56	–	ibm

Vulners

Node

commons-jelly commons-jellyRange1.0-beta-4–1.0java

commons-jelly commons-jellyRangeSNAPHSOT–1.0.1java

Source	Link
issues	www.issues.apache.org/jira/browse/JELLY-293
commons	www.commons.apache.org/proper/commons-jelly/security-reports.html
seclists	www.seclists.org/oss-sec/2017/q3/554
github	www.github.com/apache/commons-jelly/commit/e3ec3356ed733f25b2840542b29d77aff6cd5c7b
securityfocus	www.securityfocus.com/bid/101052
securitytracker	www.securitytracker.com/id/1039444
lists	www.lists.apache.org/thread.html/f1fc3f2c45264af44ce782d54b5908ac95f02bf7ad88bb57bfb04b73%40%3Cdev.commons.apache.org%3E
lists	www.lists.apache.org/thread.html/f1fc3f2c45264af44ce782d54b5908ac95f02bf7ad88bb57bfb04b73@%3Cdev.commons.apache.org%3E
github	www.github.com/apache/commons-jelly/commit/ed885dee7d315dcab3e18c17a0ba9823bcce7968
blackhat	www.blackhat.com/us-17/speakers/Luca-Carettoni.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Sep 2017 03:17Current

9.1High risk

Vulners AI Score9.1

CVSS27.5

CVSS39.8

EPSS0.00465