CVE-2019-13990

ADVISORY - github

Summary

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

EPSS Score⁠: 0.07947 (0.916)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-611⁠

Improper Restriction of XML External Entity Reference

ADVISORY - github

CWE-611⁠

Improper Restriction of XML External Entity Reference

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-611⁠

Improper Restriction of XML External Entity Reference

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-611⁠

Improper Restriction of XML External Entity Reference

Impacted images

Advisories

NIST

CREATED

6 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2019-13990⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-611⁠

CVSS SCORE

9.8critical

GitHub

CREATED

5 years ago

UPDATED

8 months ago

ADVISORY IDGHSA-9qcf-c26r-x5rf⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-611⁠

CVSS SCORE

9.8critical

Debian

CREATED

6 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2019-13990⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

6 years ago

UPDATED

16 days ago

ADVISORY IDCVE-2019-13990⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8medium

GitLab

CREATED

5 years ago

UPDATED

8 months ago

ADVISORY ID

CVE-2019-13990

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-611⁠CWE-937⁠

CVSS SCORE

9.8critical

Red Hat

CREATED

6 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2019-13990⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-611⁠

CVSS SCORE

8.1high