← Back

Cvrf Csaf Converter

cvrf-csaf-converter

Vendor: Cvrf Csaf Converter Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-27193
1Cvrf Csaf Converter Project
1Cvrf Csaf Converter
Nov 21, 2024
Mar 15, 2022
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose inform...Show more
CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter.Show less