CVE-2022-2414

Summary

Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.

Affected Software

VendorProductVersion RangeStatus
n/aDogtag PKIAffected versions: 10.5.18, 10.7.4, 10.8.3, 10.11.2, 10.12.4, 11.0.5, 11.1.0affected

Weaknesses

  • CWE-611: CWE-611

ADP Enrichment

CVE Program Container

Additional References

References