← Back

Nablarch

nablarch

Vendor: Nablarch Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-5919
1Nablarch Project
1Nablarch
Nov 21, 2024
Mar 12, 2019
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value...Show more
An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.Show less
CVE-2019-5918
1Nablarch Project
1Nablarch
Nov 21, 2024
Mar 12, 2019
N/A· v4
9.1 CRITICAL· v3
8.5 HIGH· v2
Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.