Lucene search
GoogleOSV:GHSA-WVPV-8524-WG6XHistoryMay 14, 2022 - 3:38 a.m.
mxGraph vulnerable to XXE attacks
2022-05-1403:38:59
Google
osv.dev
3
mxgraph
xxe
vulnerability
saxparserfactory
xml external entity
serverview
software
In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView.
Related
openvas
openvas
Fedora Update for jgraphx FEDORA-2018-b3f8bee2e0
2018-04-21 00:00:00
Fedora Update for jgraphx FEDORA-2018-b268b5bbb5
2018-04-21 00:00:00
Debian: Security Advisory (DLA-1299-1)
2018-03-26 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: jgraphx-3.6.0.0-3.fc26
2018-04-21 03:03:10
[SECURITY] Fedora 27 Update: jgraphx-3.6.0.0-4.fc27
2018-04-21 03:41:10
osv
osv
CVE-2017-18197
2018-02-24 02:29:01
libjgraphx-java - security update
2018-03-04 00:00:00
jgraphx-3.9.2-1.9 on GA media
2024-06-15 00:00:00
debiancve
debiancve
CVE-2017-18197
2018-02-24 02:29:01
nessus
nessus
openSUSE Security Update : jgraphx (openSUSE-2018-228)
2018-03-07 00:00:00
Debian DLA-1299-1 : libjgraphx-java security update
2018-03-05 00:00:00
Fedora 26 : jgraphx (2018-b3f8bee2e0)
2018-04-23 00:00:00
veracode
veracode
XML External Entity (XXE) Injection
2018-02-27 01:50:34
redhatcve
redhatcve
CVE-2017-18197
2018-03-01 04:48:44
ubuntucve
ubuntucve
CVE-2017-18197
2018-02-24 00:00:00
debian
debian
[SECURITY] [DLA 1299-1] libjgraphx-java security update
2018-03-04 22:38:34
prion
prion
Xxe
2018-02-24 02:29:00
cvelist
cvelist
CVE-2017-18197
2018-02-24 02:00:00
nvd
nvd
CVE-2017-18197
2018-02-24 02:29:01
github
github
mxGraph vulnerable to XXE attacks
2022-05-14 03:38:59
cve
cve
CVE-2017-18197
2018-02-24 02:29:01