satyamchaurasiapersistent / JavaVulnerableLab

lab
0 stars 0 forks source link

CX: CVE-2018-1000632 in Maven-dom4j:dom4j and 1.6.1 @ JavaVulnerableLab.master #128

Closed nidhi0512 closed 2 years ago

nidhi0512 commented 2 years ago

Description

dom4j prior to 2.0.3 and 2.1.x prior to 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. To resolve this issue - upgrade to version 2.0.3 or 2.1.1. Please note: the package name was changed to org.dom4j:dom4j on version 2.0.0.

HIGH Vulnerable Package issue exists @ dom4j:dom4j in branch master

Vulnerability ID: CVE-2018-1000632

Package Name: dom4j:dom4j

Severity: HIGH

CVSS Score: 7.5

Publish Date: 2018-08-20T19:31:00

Current Package Version: 1.6.1

Remediation Upgrade Recommendation:

Link To SCA

Reference – NVD link

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.

nidhi0512 commented 2 years ago

Issue still exists.