Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: logback-classic
Labels:
None

Description

Hi Team,

A security issue has been raised by our Fortify scan for the following component:

*dom4j - XML eXternal Entity (XXE)*

Component Name: org.dom4j:dom4j
Component Version: 2.1.1
Repository: maven
Instance ID: B294C4B2311CED0EF0D8F9827BB423C1
Primary Rule ID: CVE-2020-10683
CVSS Base Score: 7.6
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

https://nvd.nist.gov/vuln/detail/CVE-2020-10683
https://cwe.mitre.org/data/definitions/611.html

Attachments

Activity

People

Assignee:: Logback dev list

Reporter:: xavier lamourec

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 23/Nov/20 10:53

Updated:: 24/Nov/20 18:56