Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
UIKit0 libplist XML xplist.c plist_from_xml xml external entity reference
Vulnerability Description
A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler. The manipulation leads to xml external entity reference. The patch is named c086cb139af7c82845f6d565e636073ff4b37440. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221499.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
UIKit0 libplist 代码问题漏洞
Vulnerability Description
libplist是UIKit0个人开发者的一个小型的可移植 C 库。用于处理二进制或 XML 格式的 Apple 属性列表文件。 UIKit0 libplist 1.12版本存在代码问题漏洞,该漏洞源于文件src/xplist.c的函数plist_from_xml存在问题,会导致xml外部实体引用。
CVSS Information
N/A
Vulnerability Type
N/A