Lucene search
Veracode Vulnerability DatabaseVERACODE:21653HistoryOct 08, 2019 - 5:49 a.m.
XML External Entity (XXE)
2019-10-0805:49:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
26
0.002 Low
EPSS
Percentile
62.2%
DiffPlug Spotless is vulnerable to XML external entities (XXE). The XML formatter has resolveExternalURI setting to true by default and it loads external DTD.
| CPE | Name | Operator | Version |
|---|---|---|---|
| spotless-plugin-gradle | le | 3.19.0 | |
| spotless-maven-plugin | le | 1.19.0 |
References
Related
prion
prion
Xxe
2019-06-28 18:15:00
osv
osv
CVE-2019-9843
2019-06-28 18:15:15
Improper Restriction of XML External Entity Reference in DiffPlug Spotless
2019-07-05 21:07:40
cvelist
cvelist
CVE-2019-9843
2019-03-15 23:00:00
cve
cve
CVE-2019-9843
2019-06-28 18:15:15
nvd
nvd
CVE-2019-9843
2019-06-28 18:15:15
github
github
Improper Restriction of XML External Entity Reference in DiffPlug Spotless
2019-07-05 21:07:40