Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-2414

Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.

Published

2022-07-29T19:15:08.477

Last Modified

2024-11-21T07:00:56.520

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-611
  • Type: Primary
    CWE-611
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application dogtagpki dogtagpki 10.5.18 Yes
Application dogtagpki dogtagpki 10.7.4 Yes
Application dogtagpki dogtagpki 10.8.3 Yes
Application dogtagpki dogtagpki 10.11.2 Yes
Application dogtagpki dogtagpki 10.12.4 Yes
Application dogtagpki dogtagpki 11.0.5 Yes
Application dogtagpki dogtagpki 11.1.0 Yes
References