Lucene search
Veracode Vulnerability DatabaseVERACODE:5460HistoryNov 20, 2017 - 2:25 a.m.
XML External Entity (XXE)
2017-11-2002:25:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
EPSS
0.004
Percentile
73.3%
simple-xml is vulnerable to XML Exeternal Entity (XXE) attacks. The library does not properly disable external entities during deserialization, allowing a malicious user to inject and execute arbitrary code through it or reveal sensitive information.
Related
nvd
nvd
CVE-2017-1000190
2017-11-17 21:29:00
prion
prion
Design/Logic Flaw
2017-11-17 21:29:00
ibm
ibm
Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2017-1000190)
2021-04-22 05:45:13
Log Analysis Security Bulletin List
2021-09-01 11:04:11
ubuntucve
ubuntucve
CVE-2017-1000190
2017-11-17 00:00:00
osv
osv
SimpleXML vulnerable to XML External Entity (XXE)
2022-05-14 00:55:56
CVE-2017-1000190
2017-11-17 21:29:00
cvelist
cvelist
CVE-2017-1000190
2017-11-17 21:00:00
debiancve
debiancve
CVE-2017-1000190
2017-11-17 21:29:00
f5
f5
K02511873 : SimpleXML vulnerability CVE-2017-1000190
2018-01-04 00:00:00
github
github
SimpleXML vulnerable to XML External Entity (XXE)
2022-05-14 00:55:56
cve
cve
CVE-2017-1000190
2017-11-17 21:29:00