RSS   Vulnerabilities for 'Helix alm'   RSS

2021-04-13
 
CVE-2021-29997

CWE-611
 

 
XML External Entity Resolution (XXE) in Helix ALM. The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks.

 
 
CVE-2021-28973

CWE-776
 

 
The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks.

 

 >>> Vendor: Perforce 5 Products
Perforce client
P4web
Perforce server
Perforce
Helix alm


Copyright 2022, cxsecurity.com

 

Back to Top