CVE-2021-33813 @ Maven-jdom:jdom-1.0 #141

cyates-checkmarx · 2023-06-23T17:34:30Z

Vulnerable Package issue exists @ Maven-jdom:jdom-1.0 in branch master

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

Namespace: cyates-checkmarx
Repository: JVL
Repository Url: https://github.com/cyates-checkmarx/JVL
CxAST-Project: cyates-checkmarx/JVL
CxAST platform scan: 7b012027-b586-4987-b934-7a017732de85
Branch: master
Application: JVL
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-611

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 1.1

References
Advisory
Pull request
Commit
Disclosure
Commit
Issue

cyates-checkmarx closed this as completed Dec 11, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-33813 @ Maven-jdom:jdom-1.0 #141

CVE-2021-33813 @ Maven-jdom:jdom-1.0 #141

cyates-checkmarx commented Jun 23, 2023

CVE-2021-33813 @ Maven-jdom:jdom-1.0 #141

CVE-2021-33813 @ Maven-jdom:jdom-1.0 #141

Comments

cyates-checkmarx commented Jun 23, 2023