Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:33800
HistoryJan 21, 2022 - 5:56 a.m.

XML External Entity (XXE)

2022-01-2105:56:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
xxe
jadx-core
exportgradleproject.java
documentbuilderfactory
androidmanifest file
gradle

EPSS

0.001

Percentile

33.4%

JSON

jadx-core is vulnerable to xml external entity attacks. The vulnerability exists in the parseXml function of ExportGradleProject.java as it does not set disallow-doctype-decl attribute in the DocumentBuilderFactory, allowing an attacker to export a malicious android application with a crafted AndroidManifest file to Gradle.

Related

osv 2
prion 1
cvelist 1
nvd 1
huntr 1
github 1
githubexploit 1
cve 1
osv
osv
Improper Restriction of XML External Entity Reference in skylot/jadx
2022-01-21 18:13:42
CVE-2022-0219
2022-01-20 17:15:18
prion
prion
Xxe
2022-01-20 17:15:00
cvelist
cvelist
CVE-2022-0219 Improper Restriction of XML External Entity Reference in skylot/jadx
2022-01-20 16:30:11
nvd
nvd
CVE-2022-0219
2022-01-20 17:15:18
huntr
huntr
in skylot/jadx
2022-01-12 15:22:08
github
github
Improper Restriction of XML External Entity Reference in skylot/jadx
2022-01-21 18:13:42
githubexploit
githubexploit
Exploit for Improper Restriction of XML External Entity Reference in Jadx Project Jadx
2022-01-20 14:24:45
cve
cve
CVE-2022-0219
2022-01-20 17:15:18

EPSS

0.001

Percentile

33.4%

JSON
Related for VERACODE:33800
osv2prion1cvelist1nvd1huntr1github1githubexploit1cve1