CVE-2019-10782
N/A
N/A
Summary
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | com.puppycrawl.tools:checkstyle | all versions before 8.29 | affected |
Weaknesses
- XML External Entity (XXE) Injection
ADP Enrichment
CVE Program Container
Additional References
- https://snyk.io/vuln/SNYK-JAVA-COMPUPPYCRAWLTOOLS-543266
- https://lists.debian.org/debian-lts-announce/2020/02/msg00008.html
- https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540%40%3Ccommits.nifi.apache.org%3E
References
- https://snyk.io/vuln/SNYK-JAVA-COMPUPPYCRAWLTOOLS-543266
- https://lists.debian.org/debian-lts-announce/2020/02/msg00008.html
- https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540%40%3Ccommits.nifi.apache.org%3E
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.