CVE-2023-4218
CVSS v3.1
5 (Medium)
EPSS
0.05 % (17th)
Affected Products
3
Advisories
2
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
Weaknesses
- CWE-611
- Improper Restriction of XML External Entity Reference
- CVE Status
- PUBLISHED
- CNA
- Eclipse Foundation
- Published Date
-
2023-11-09 09:15:08
(10 months ago) - Updated Date
-
2023-11-24 18:25:48
(9 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...