Validation Bypass

2020-10-1404:33:05

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

38.9%

JSON

wildfly is vulnerable to validation bypass. An XML validation manipulation vulnerability exists due to incomplete application of use-grammar-pool-only in xercesImpl.

CPENameOperatorVersion
eap7-httpcomponents-clienteq4.5.2__3.redhat_2.1.el7eap
eap7-httpcomponents-clienteq4.5.2__3.redhat_2.1.el8eap
eap7-httpcomponents-clienteq4.5.4__1.redhat_00001.1.el6eap
eap7-httpcomponents-clienteq4.5.4__1.redhat_00001.1.el7eap
eap7-httpcomponents-clienteq4.5.0__1.redhat_1.1.ep7.el6
eap7-httpcomponents-clienteq4.5.2__1.redhat_1.1.ep7.el7
eap7-httpcomponents-clienteq4.5.4__1.redhat_00001.1.el8eap
eap7-httpcomponents-clienteq4.5.0__1.redhat_1.1.ep7.el7
eap7-httpcomponents-clienteq4.5.2__1.redhat_1.1.ep7.el6
eap7-httpcomponents-clienteq4.5.2__3.redhat_2.1.el6eap

Name	Operator	Version
eap7-httpcomponents-client	eq	4.5.2__3.redhat_2.1.el7eap
eap7-httpcomponents-client	eq	4.5.2__3.redhat_2.1.el8eap
eap7-httpcomponents-client	eq	4.5.4__1.redhat_00001.1.el6eap
eap7-httpcomponents-client	eq	4.5.4__1.redhat_00001.1.el7eap
eap7-httpcomponents-client	eq	4.5.0__1.redhat_1.1.ep7.el6
eap7-httpcomponents-client	eq	4.5.2__1.redhat_1.1.ep7.el7
eap7-httpcomponents-client	eq	4.5.4__1.redhat_00001.1.el8eap
eap7-httpcomponents-client	eq	4.5.0__1.redhat_1.1.ep7.el7
eap7-httpcomponents-client	eq	4.5.2__1.redhat_1.1.ep7.el6
eap7-httpcomponents-client	eq	4.5.2__3.redhat_2.1.el6eap