Description
Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.
Remediation
References
https://github.com/restlet/restlet-framework-java/wiki/XEE-security-enhancements
http://secunia.com/advisories/56940
https://exchange.xforce.ibmcloud.com/vulnerabilities/91181