CVE-2018-20433
CVSS v3.0
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.59 % (78th)
Affected Products
2
Advisories
5
c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.
Weaknesses
- CWE-611
- Improper Restriction of XML External Entity Reference
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2018-12-24 13:29:00
(5 years ago) - Updated Date
-
2023-11-07 02:56:17
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...