CVE-2022-34467
N/A
N/A
Summary
A vulnerability has been identified in Mendix Excel Importer Module (Mendix 8 compatible) (All versions < V9.2.2), Mendix Excel Importer Module (Mendix 9 compatible) (All versions < V10.1.2). The affected component is vulnerable to XML Entity Expansion Injection. An attacker may use this to compromise the availability of the affected component.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Mendix Excel Importer Module (Mendix 8 compatible) | All versions < V9.2.2 | affected |
| Siemens | Mendix Excel Importer Module (Mendix 9 compatible) | All versions < V10.1.2 | affected |
Weaknesses
- CWE-776: CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.