Vulnerability

CVE-2021-33813

 Report advisory or correction

CVSS Score 7.5 high

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-611

References

https://alephsecurity.com/vulns/aleph-2021003
https://github.com/hunterhacker/jdom/releases
https://github.com/hunterhacker/jdom/issues/189
https://github.com/hunterhacker/jdom/pull/188
https://exchange.xforce.ibmcloud.com/vulnerabilities/203804
https://github.com/oehf/ipf/issues/357
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33813

[CVE-2021-33813] CWE-611: Improper Restriction of XML External Entity Reference ('XXE')

Description

An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

See org.jdom/jdom2 package information