Lucene search
ApacheCVELIST:CVE-2022-28890HistoryMay 05, 2022 - 8:40 a.m.
CVE-2022-28890 Processing external DTDs
2022-05-0508:40:09
apache
www.cve.org
6
apache jena
rdf/xml
vulnerability
A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities.
CNA Affected
[
{
"product": "Apache Jena",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.4.0",
"status": "affected",
"version": "Apache Jena",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
XML External Entity (XXE)
2022-05-06 05:01:26
prion
prion
Xxe
2022-05-05 09:15:00
nvd
nvd
CVE-2022-28890
2022-05-05 09:15:08
debiancve
debiancve
CVE-2022-28890
2022-05-05 09:15:08
osv
osv
XML External Entity Reference in apache jena
2022-05-06 00:00:53
ubuntucve
ubuntucve
CVE-2022-28890
2022-05-05 00:00:00
github
github
XML External Entity Reference in apache jena
2022-05-06 00:00:53
cve
cve
CVE-2022-28890
2022-05-05 09:15:08
