Skip to content

Untrusted XML files

Low
sbrunner published GHSA-vjv6-gq77-3mjw Jul 6, 2020

Package

maven org.mapfish.print.print-lib,org.mapfish.print.print-servlet,org.mapfish.print.print-standalone (Maven)

Affected versions

>= 3.0, < 3.24

Patched versions

3.24

Description

Impact

A user can do to an XML External Entity (XXE) attack with the provided SDL style.

Patches

Use version >= 3.24

Workarounds

No

References

For more information

If you have any questions or comments about this advisory Comment the pull request: #1397

Severity

Low

CVE ID

CVE-2020-15232

Weaknesses

No CWEs