Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks
Vulnerability Description
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim's trust relationship with other entities.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
EpubCheck 安全漏洞
Vulnerability Description
EpubCheck是一套用于验证EPUB文件的工具。 EpubCheck 4.0.1版本中存在XML外部实体注入漏洞,该漏洞源于程序没有正确的限制对外部实体的解析。攻击者可借助特制的EPUB文件利用该漏洞读取任意文件或使用户执行任意的请求。
CVSS Information
N/A
Vulnerability Type
N/A