Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
iText RUPS XfaFile.java xml external entity reference
Vulnerability Description
A vulnerability classified as problematic was found in iText RUPS. This vulnerability affects unknown code of the file src/main/java/com/itextpdf/rups/model/XfaFile.java. The manipulation leads to xml external entity reference. The patch is identified as ac5590925874ef810018a6b60fec216eee54fb32. It is recommended to apply a patch to fix this issue. VDB-217054 is the identifier assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
iText 代码问题漏洞
Vulnerability Description
iText是Java中用于创建和操作PDF文件的开源库。它是由Bruno Lowagie、Paulo Soares等人编写的。 iText RUPS存在代码问题漏洞。攻击者利用该漏洞导致xml外部实体引用。
CVSS Information
N/A
Vulnerability Type
N/A