Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2017-1000190

Published: 17/11/2017 Updated: 07/11/2023
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Subscribe to Simplexml Project

Vulnerability Summary

SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

simplexml project simplexml 2.7.1

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2017-1000190: XXE vulnerability resulting in SSRF, information disclosure, DoS, etc.
Debian Bug report logs - #888547 CVE-2017-1000190: XXE vulnerability resulting in SSRF, information disclosure, DoS, etc Package: src:simple-xml; Maintainer for src:simple-xml is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 26 Jan ...

Github Repositories

https://github.com/antonycc/owl-to-java

OWL to Java generates a Java class model from an ontology defined using the W3C Web Ontology Language (OWL). The models are built by taking a specified list of OWL classes and creating Java classes for those OWL classes and their properties.

owl-to-java OWL to Java generates a Java class model from an ontology defined using the W3C Web Ontology Language (OWL) The models are built by taking a specified list of OWL classes and creating Java classes for those OWL classes and their properties Mission statement: Be a useful bridge between ontologies defined using open standards and object models which are of immed

References

CWE-611https://github.com/ngallagher/simplexml/issues/18https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/8c4ef27e2c0218f29e785990dc919266855aea137c958f10d242cb36%40%3Cdev.lucene.apache.org%3Ehttps://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3Ehttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888547https://nvd.nist.govhttps://github.com/antonycc/owl-to-java
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook