Lucene search
Veracode Vulnerability DatabaseVERACODE:18040HistoryMay 02, 2019 - 6:11 a.m.
XML External Entity (XXE) Attacks
2019-05-0206:11:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.002 Low
EPSS
Percentile
61.1%
IBM SDK, Java Technology Edition is vulnerable to XML External Entity Injection (XXE). This error occurs when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources.
References
www.securityfocus.com/bid/98401
access.redhat.com/errata/RHSA-2017:1220
access.redhat.com/errata/RHSA-2017:1221
access.redhat.com/errata/RHSA-2017:1222
access.redhat.com/errata/RHSA-2017:3453
access.redhat.com/security/updates/classification/#moderate
developer.ibm.com/javasdk/support/security-vulnerabilities/
www.ibm.com/support/docview.wss?uid=swg22002169
Related
ibm
ibm
nvd
nvd
CVE-2017-1289
2017-05-22 20:29:00
cve
cve
CVE-2017-1289
2017-05-22 20:29:00
ubuntucve
ubuntucve
CVE-2017-1289
2017-05-22 00:00:00
cvelist
cvelist
CVE-2017-1289
2017-05-22 20:00:00
prion
prion
Xxe
2017-05-22 20:29:00
nessus
nessus
IBM Java 6.0 < 6.0.16.45 / 6.1 < 6.1.8.45 / 7.0 < 7.0.10.5 / 7.1 < 7.1.4.5 / 8.0 < 8.0.4.5 Multiple Vulnerabilities
2022-04-29 00:00:00
RHEL 6 : java-1.6.0-ibm (RHSA-2017:1222)
2017-05-11 00:00:00
RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2017:1221)
2017-05-11 00:00:00
redhat
redhat
(RHSA-2017:1222) Moderate: java-1.6.0-ibm security update
2017-05-10 12:23:26
(RHSA-2017:1221) Moderate: java-1.7.1-ibm security update
2017-05-10 12:23:11
(RHSA-2017:1220) Moderate: java-1.8.0-ibm security update
2017-05-10 12:22:51
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1386-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1384-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1385-1)
2021-04-19 00:00:00
suse
suse
Security update for java-1_7_0-ibm (important)
2017-05-23 21:13:05
Security update for java-1_7_1-ibm (important)
2017-05-23 21:14:27
Security update for java-1_8_0-ibm (important)
2017-05-23 21:14:04
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-06-21 15:44:57