Mageia: 2019-0077 Urgent: dom4j XML Injection Security Advisory
mageia
February 14, 2019
dom4j version prior to version 2.1.1 contains an XML Injection vulnerability in Class: Element
Summary
dom4j version prior to version 2.1.1 contains an XML Injection vulnerability
in Class: Element. Methods: addElement, addAttribute that can result in an
attacker tampering with XML documents through XML injection. This attack
appears to be exploitable via an attacker specifying attributes or elements
in the XML document (CVE-2018-1000632).
References
- https://bugs.mageia.org/show_bug.cgi?id=23677
- - https://www.cve.org/CVERecord?id=CVE-2018-1000632
Topics Covered
Resolution
SRPMS
- 6/core/dom4j-1.6.1-28.1.mga6
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 14 Feb 2019
URL: https://advisories.mageia.org/MGASA-2019-0077.html
Type: security
CVE: CVE-2018-1000632
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!