← voltar
CVE-2024-28168

Apache XML Graphics FOP: XML External Entity (XXE) Processing

CVSS 7.5 HIGHEPSS 1.0%CWE-611
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Apache Software Foundation · Apache XML Graphics FOP

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://xmlgraphics.apache.org/security.htmlhttp://www.openwall.com/lists/oss-security/2024/10/09/1