Sign In

CVE-2023-45960

ADVISORY - github

Summary

Withdrawn Advisory

This advisory has been withdrawn because the underlying vulnerability could not be reproduced. This link is maintained to preserve external references.

Original Description

An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before allows a remote attacker to obtain sensitive information via the setFeature function.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo

ADVISORY - github

CWE-776

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

ADVISORY - gitlab

CWE-1035

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-937

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2023-45960
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-noinfo
RATING UNAVAILABLE FROM ADVISORY

GitHub

CREATED

UPDATED

ADVISORY IDGHSA-fgq9-fc3q-vqmw
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-776

CVSS SCORE

N/Amedium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2023-45960
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2023-45960
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

GitLab

CREATED

UPDATED

ADVISORY ID

CVE-2023-45960

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1035CWE-937

CVSS SCORE

7.5high

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2023-45960
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Aunspecified