CVE-2022-2838 in Sphinxinfo

Zusammenfassung

von MITRE • 16.08.2022

In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

16.08.2022

Veröffentlichung

16.08.2022

Moderieren

akzeptiert

Eintrag

VDB-206457

CPE

bereit

CWE

CWE-611 (bestätigt)

CVSS

5.3 (NVD)

EPSS

0.00206

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-2838
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-2838
CVE Details	https://www.cvedetails.com/cve/CVE-2022-2838/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!