CVE-2016-3674
CVSS v3.0
7.5 (High)
CVSS v2.0
5 (Medium)
EPSS
0.18 % (56th)
Affected Products
3
Advisories
6
Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2016-05-17 14:08:03
(8 years ago) - Updated Date
-
2018-03-26 18:47:40
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...