RSS   Vulnerabilities for 'LYO'   RSS

2022-07-07
 
CVE-2021-41042

CWE-611
 

 
In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved.

 

 >>> Vendor: Eclipse 30 Products
Jetty
Eclipse ide
BIRT
Mojarra
Tinydtls
Mosquitto
KURA
IDE
Vert.x
Openj9
Rdf4j
Wakaama
Hawkbit
OMR
Paho java client
Vorto
Jersey
CHE
Memory analyzer
Theia
Web tools platform
HONO
Californium
Cyclone data distribution service
KETI
Paho mqtt c\/c\+\+ client
Lemminx
Cyclonedds
LYO
Equinox p2


Copyright 2024, cxsecurity.com

 

Back to Top