Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PHPOffice Math allows XXE when processing an XML file in the MathML format
Vulnerability Description
PHPOffice Math is a library that provides a set of classes to manipulate different formula file formats. Prior to version 0.3.0, loading XML data using the standard `libxml` extension and the `LIBXML_DTDLOAD` flag without additional filtration, leads to XXE. Version 0.3.0 fixes the vulnerability.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Math 代码问题漏洞
Vulnerability Description
Math是PHPOffice开源的一个数学插件。 Math 0.3.0之前版本存在代码问题漏洞,该漏洞源于加载XML数据时未过滤,可能导致XXE攻击。
CVSS Information
N/A
Vulnerability Type
N/A