Uploaded image for project: 'Talend DI components'
  1. Talend DI components
  2. TDI-49252

XML External Entity (XXE) in Talend/connectors-lib-se (main)-xmlbeans-2.6.0

Apply templateInsert Lucidchart Diagram
    XMLWordPrintable

Details

    • GreenHopper Ranking:
      0|i2mzeb:
    • 9223372036854775807

    Description

      XML External Entity (XXE) in Talend/connectors-lib-se (main)

      Issue Details

      • Vulnerability: XML External Entity (XXE)
      • Severity: Hign
      • Project: Talend/connectors-lib-se
      • Branch: main
      • Scan Date: Unknown

      Issue Description

      xmlbeans is vulnerable to XML External Entity attacks. The vulnerability exists due to the lack of sanitization of XML input containing a reference to an external entity which is processed by a weakly configured XML parser allowing an attacker to exhaust the system resource via recursive external entity pointers.

      View more details

      Attachments

        Activity

          People

            pteyssier pierre teyssier
            wwang Wei Wang
            Dmytro Sylaiev, Wei Yuan
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: